![]() Perf stat packetbeat -c packetbeat.yml -I bigdnssample.pcap | rg ''. That way we can have a feeling of how long will it take to actually parse this massive PCAP For the purpose of benchmarking these, I’m gonna use compact JSON format output of tshark, and then pipe it to PV to measure lines/second being written to stdout. ![]() Tshark JSON outputįrom now on, the solutions are going to work in “stream”, meaning they probably won’t run out of RAM and the question becomes the speed of the solution rather than weather it’ll work or not. I’ll probably add it to my binary collection since it’s basically wireshark in terminal. Terminal brother of Wireshark dies on 6%. This one was easy to dismiss since it didn’t even get to 10% of the packets before filling up the RAM and basically died. Last packet time: *REDACTED* +20 minutes of first packet ![]() File timestamp precision: microseconds (6 ) Packet size limit: file hdr: 65535 bytes
0 Comments
Leave a Reply. |