# Automating MRTG/tcpdump [SOLVED]

## Ph0eniX

I have MRTG configured to monitor traffic on my two T1's.  I have set up thresholds so when one of them is breached, a script logs into my firewall and runs tcpdump capturing an X number of packets, then e-mails me the .cap file so that I can analyze it.  I would like to take this a step further and have a script analyze the .cap file for me, then e-mail me the actual results.  That way I can look at it even on my phone.  Here's the question.  Are there any command line tools that will analyze conversations in tcpdump capture files so that I can script this?

Thank you!  :Very Happy:

Last edited by Ph0eniX on Tue Oct 28, 2008 9:16 pm; edited 2 times in total

----------

## Ph0eniX

To be clear, I want to be able to list conversations and sort them by the number of bytes sent/received in descending order.

Thanks!  :Smile: 

----------

## Ph0eniX

I found tshark (part of Wireshark - formerly Ethereal) so I'm all set.

You guys are the best!  :Very Happy: 

----------
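The report asked for in this thread (IP conversations sorted by bytes, descending, which tshark prints with `-q -z conv,ip`) can also be computed straight from the capture file; the following Python sketch is an added example, not part of the original thread and not tshark's code. The function and helper names and the sample capture are constructed, and it assumes a classic libpcap file with Ethernet framing and untagged IPv4.

```python
import struct
from collections import Counter

def ip_conversations(pcap):
    """Return [(addr_a, addr_b, frames, bytes)] sorted by bytes, descending."""
    endian = {b"\xd4\xc3\xb2\xa1": "<", b"\xa1\xb2\xc3\xd4": ">"}.get(pcap[:4])
    if endian is None or len(pcap) < 24:
        raise ValueError("not a classic (microsecond) libpcap file")
    if struct.unpack(endian + "I", pcap[20:24])[0] != 1:
        raise ValueError("only Ethernet captures (linktype 1) are handled")
    frames, octets = Counter(), Counter()
    off = 24                                   # first record follows the global header
    while off + 16 <= len(pcap):
        _, _, incl_len, orig_len = struct.unpack(endian + "IIII", pcap[off:off + 16])
        pkt = pcap[off + 16:off + 16 + incl_len]
        off += 16 + incl_len
        if len(pkt) < incl_len:
            break                              # file cut off in the middle of a record
        if len(pkt) < 34 or pkt[12:14] != b"\x08\x00":
            continue                           # too short, or not IPv4
        src = ".".join(map(str, pkt[26:30]))   # IPv4 source address
        dst = ".".join(map(str, pkt[30:34]))   # IPv4 destination address
        key = tuple(sorted((src, dst)))        # same key for both directions
        frames[key] += 1
        octets[key] += orig_len                # wire length, even if snaplen truncated
    return [(a, b, frames[(a, b)], n) for (a, b), n in octets.most_common()]

def _frame(src, dst, payload_len):
    """Constructed Ethernet + IPv4 frame (zeroed MACs, checksum and payload)."""
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + payload_len, 0, 0, 64, 17, 0,
                     bytes(src), bytes(dst))
    return b"\x00" * 12 + b"\x08\x00" + ip + b"\x00" * payload_len

def _pcap(frame_list):
    """Constructed little-endian libpcap file holding the given frames."""
    out = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)
    for f in frame_list:
        out += struct.pack("<IIII", 0, 0, len(f), len(f)) + f
    return out

# Constructed sample capture: three frames, two conversations.
SAMPLE = _pcap([_frame((10, 0, 0, 7), (198, 51, 100, 3), 60),
                _frame((10, 0, 0, 5), (192, 0, 2, 10), 1000),
                _frame((192, 0, 2, 10), (10, 0, 0, 5), 400)])

if __name__ == "__main__":
    for a, b, n_frames, n_bytes in ip_conversations(SAMPLE):
        print(f"{a:<15} <-> {b:<15} frames={n_frames:<4} bytes={n_bytes}")
```

The returned list is plain text-friendly, so the script that currently mails the .cap file could mail these lines instead.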

