Requirement:
We need to capture TCP traffic on busy systems to diagnose network-related issues. tcpdump is a great tool, but it also dumps a huge amount of data, which fills up the disk easily.
Solution:
tcpdump has rotation built in. Use the command below:
-C 8000 * 1,000,000 bytes --> around 8G each file size
-W total 9 files to keep
nohup tcpdump -i bond0 -C 8000 -W 9 port 5801 -w tcpdump-$(hostname -s).pcap -Z root &
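A preflight check for the command above, as an added example that is not part of the original post: it computes the worst-case size of the capture ring (-C value * 1,000,000 bytes * -W value) and refuses to start tcpdump if that does not fit in the free space of the output directory. The function names, the output-directory argument and the RESERVE_PCT margin (default 20 percent) are assumptions.

```shell
#!/bin/sh
# Added example: preflight check for a rotating tcpdump capture.
# Interface, port and sizes come from the post; RESERVE_PCT is an assumption.

# Worst-case bytes on disk: -C is in units of 1,000,000 bytes, -W is the file count.
capture_budget_bytes() {   # $1 = -C value, $2 = -W value
    echo $(( $1 * 1000000 * $2 ))
}

# Free space in bytes on the filesystem that holds directory $1.
free_bytes() {
    kb=$(df -Pk "$1" | awk 'NR==2 { print $4 }') || return 1
    [ -n "$kb" ] || return 1
    echo $(( kb * 1024 ))
}

# Succeeds only if the ring fits while leaving the reserve percentage unused.
budget_fits() {            # $1 = free bytes, $2 = -C, $3 = -W, $4 = reserve percent
    need=$(capture_budget_bytes "$2" "$3")
    usable=$(( $1 / 100 * (100 - $4) ))
    [ "$need" -le "$usable" ]
}

start_capture() {          # $1 = output dir, $2 = -C, $3 = -W
    dir=$1; c=$2; w=$3
    free=$(free_bytes "$dir") || return 1
    if ! budget_fits "$free" "$c" "$w" "${RESERVE_PCT:-20}"; then
        echo "refusing: ring needs $(capture_budget_bytes "$c" "$w") bytes," \
             "only $free free in $dir" >&2
        return 1
    fi
    # Same command as in the post, writing into $dir.
    # -Z root keeps tcpdump running as root, so it can keep creating rotated files.
    nohup tcpdump -i bond0 -C "$c" -W "$w" port 5801 \
        -w "$dir/tcpdump-$(hostname -s).pcap" -Z root >/dev/null 2>&1 &
}

# Usage (not run here): start_capture /var/tmp 8000 9
```

With the values from the post the ring can grow to 72,000,000,000 bytes, so the target filesystem needs at least that much free plus the reserve.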