Max Frame Rate of select Traffic?
Hi,
This is a easy to do in Wireshark GUI. Problem is that I have too many Capture files and they are all big size. I want to do it with it with Tshark in a batch Script which can run overnight. Using a filter in tshark also straight forward and I was lucky to find following too for Frame Rates:
tshark -r xx.pcap -qz io,stat,1,"COUNT(frame) frame"
How is it possible to bring a criteria(filter) here with above command so that I can list a maximum Frame Rate for specific VLAN ID or? I tried using a pipe like "tshark | tshark" but seems not working.
In theory I can read & filter and create another pcap before I can use above command but I want to avoid this.
Thanks in Advance.
Like this:
C:\>tshark -r .\test.pcap 1 0.000000 192.168.200.135 → 8.8.8.8 ICMP \x10\x11\x12\x13\x14\x15\x16\x17\x18\x19\x1A\x1B\x1C\x1D\x1E\x1F !"#$%&'()*+,-./01234567 2 0.064683 8.8.8.8 → 192.168.200.135 ICMP \x10\x11\x12\x13\x14\x15\x16\x17\x18\x19\x1A\x1B\x1C\x1D\x1E\x1F !"#$%&'()*+,-./01234567 3 0.999529 192.168.200.135 → 8.8.8.8 ICMP \x10\x11\x12\x13\x14\x15\x16\x17\x18\x19\x1A\x1B\x1C\x1D\x1E\x1F !"#$%&'()*+,-./01234567 4 1.072596 8.8.8.8 → 192.168.200.135 ICMP \x10\x11\x12\x13\x14\x15\x16\x17\x18\x19\x1A\x1B\x1C\x1D\x1E\x1F !"#$%&'()*+,-./01234567 5 1.999272 192.168.200.135 → 8.8.8.8 ICMP \x10\x11\x12\x13\x14\x15\x16\x17\x18\x19\x1A ...(more)