This is a static archive of our old Q&A Site. Please post any new questions and answers at ask.wireshark.org.

RTP stream analysis on large files (greater than 10GB)

0

Hi,

I am trying to do RTP stream analysis on files greater than 10GB in size. The files only contain packet headers (packets were truncated to first 64 Bytes during capture).

RTP analysis on one 10GB file is taking a few hours on a very fast server machine with multiple CPUs and 6GB RAM.

Is there any way to do optimize this and make the RTP stream analysis run faster?

Any advice/pointers will be much appreciated.

Many thanks.

asked 07 May '14, 03:52

hasanm's gravatar image

hasanm
11112
accept rate: 0%


One Answer:

1

Other than checking if it's possible to optimize the code of epan/rtp_analysis.c and epan/rtp_stream.c or try splitting the file in smaller chunk and analyse them on by one - I think not. Are you using the latest version 1.10.7 or he development version.

answered 07 May '14, 04:53

Anders's gravatar image

Anders ♦
4.6k952
accept rate: 17%

Hi,

Thanks Anders. I'm using 1.10.5.

Regards

(07 May '14, 04:56) hasanm

Well I don't think there has been any improvment in the development version but you could try it. If you are going to try to optimize I would recommend using the development version and give us the patches.

(07 May '14, 04:59) Anders ♦

Thanks Anders.

(08 May '14, 04:54) hasanm

Hi again,

Using tshark for rtp stream analysis is faster. However, i can't find an option to generate a csv file that i can get through the gui (with the 'save as csv' option on RTP stream analysis window).

Any ideas?

Thanks.

(09 May '14, 03:14) hasanm