All, It's been a year since I began using sngrep along with the suggestions provided by members of the list. I'm way overdue for a promised update. In short, the following is crontabs/root entry has been working perfectly and sngrep has been a very useful tool when diagnosing problems. I highly recommend it! Thanks again for the suggestions. Dan ## stops sngrep at 3:22 AM to not eat too much RAM. ## Kills all pcap files more than 31 days old at 3:23 AM ## Then restarts at 3:24 AM (also started on boot in /mnt/kd/rc.local) 22 3 * * * killall sngrep 23 3 * * * find /mnt/kd/sngrep/*.pcap -mtime +30 -type f -delete 24 3 * * * /usr/bin/screen -dmS sngrep /usr/bin/sngrep -d eth0 -c -O /mnt/kd/sngrep/$(date +"%Y-%m-%d_%H%M").pcap > /dev/null 2>&1 On Fri, Jan 24, 2020 at 02:43 PM, Michael Knill wrote: I didn't even know it existed so I'm more of a NOOB __
Great idea though Michael. I will certainly be doing this in the future. I played with the -l and -R parameters as I wanted to just perform a rolling capture however I realised that its only for the screen and not in the capture ☹ Regards Michael Knill On 25/1/20, 12:58 am, "Michael Keuter" wrote: Am 24.01.2020 um 14:20 schrieb Lonnie Abelbeck : On Jan 24, 2020, at 6:04 AM, Dan Ryson wrote: Hi Michael, This is perfect. Thank you for the guidance. I particularly appreciate the extra explanation and cronjob advice. I'll give all of this a try and report any useful findings. Although I've been an AstLinux user since version 0.4.5, I recognize that this qualifies as a NOOB question. Thanks for restraining the laughter, everyone! Nothing NOOB here, this was a graduate-level question ... and answer. Lonnie +1 Michael http://www.mksolutions.info (http://www.mksolutions.info) _______________________________________________ Astlinux-users mailing list Astlinux-users@lists.sourceforge.net (mailto:Astlinux-users@lists.sourceforge.net) https://lists.sourceforge.net/lists/listinfo/astlinux-users (https://lists.sourceforge.net/lists/listinfo/astlinux-users) Donations to support AstLinux are graciously accepted via PayPal to pay...@krisk.org (mailto:pay...@krisk.org). _______________________________________________ Astlinux-users mailing list Astlinux-users@lists.sourceforge.net (mailto:Astlinux-users@lists.sourceforge.net) https://lists.sourceforge.net/lists/listinfo/astlinux-users (https://lists.sourceforge.net/lists/listinfo/astlinux-users) Donations to support AstLinux are graciously accepted via PayPal to pay...@krisk.org (mailto:pay...@krisk.org).
_______________________________________________ Astlinux-users mailing list Astlinux-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/astlinux-users Donations to support AstLinux are graciously accepted via PayPal to pay...@krisk.org.
