AfterGlow 1.x Manual

Introduction

AfterGlow is a collection of scripts which facilitate the process of generating link graphs. The tool is written in Perl and needs to be invoked via the command line. Sorry, there is no graphical interface, however using the tool is quite simple. The input file can contain either two or three columns of data. A common way of generating the CSV files is to use parsers which take a raw input file, analyze it and output a comma-separated list of records based on the data they found. The output of AfterGlow is one of two formats. Either it generates a dot attributed graph language file - the input required by the graphviz library - or it can generate GDF files that can, for example, be visualized with Gephi.

AfterGlow provides a couple of example parsers to generate CSV input files. The first one parses tcpdump output and the second one parses sendmail log files. Here is an example of how to run the tcpdump parser file:

tcpdump -vttttnneli eth0 | parsers/ "sip dip dport"

This command will invoke tcpdump on interface eth0 and pipe its output through the parser. We tell the parser that we are interested in the source IP (sip), the destination IP (dip) and the destination port (dport). To see what other fields are available, have a look at the parser. The output of this command is a comma-separated list of sip, dip, dport records, one for each of the lines tcpdump outputs.
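To make the parser step concrete, here is an added example (written for this page in Python, not AfterGlow's own Perl parser) that turns tcpdump text into the two- or three-column CSV records described above. The function name `tcpdump_to_csv` and the sample lines are constructed for illustration; only the field names sip, dip and dport come from the manual.

```python
import re

# Matches the "src.port > dst.port:" part of an IPv4 TCP/UDP line. With -v,
# tcpdump prints it on a continuation line, so every line is searched.
FLOW = re.compile(
    r"(?P<sip>\d{1,3}(?:\.\d{1,3}){3})\.(?P<sport>\d+) > "
    r"(?P<dip>\d{1,3}(?:\.\d{1,3}){3})\.(?P<dport>\d+):"
)

# Field names used in the manual's example; anything else is rejected here.
KNOWN_FIELDS = ("sip", "dip", "dport")


def tcpdump_to_csv(lines, fields="sip dip dport"):
    """Return one CSV record per line that carries an IPv4 flow.

    The input to AfterGlow has two or three columns, so the field list
    is checked for that before any parsing happens.
    """
    wanted = fields.split()
    unknown = [f for f in wanted if f not in KNOWN_FIELDS]
    if unknown or not 2 <= len(wanted) <= 3:
        raise ValueError(f"need 2 or 3 of {KNOWN_FIELDS}, got {wanted}")
    records = []
    for line in lines:
        match = FLOW.search(line)
        if match:  # header lines, ARP and other non-flow lines are skipped
            records.append(",".join(match.group(f) for f in wanted))
    return records


# Constructed sample input in the shape of `tcpdump -vttttnne` output.
SAMPLE = [
    "2024-05-01 10:00:00.000001 00:11:22:33:44:55 > 66:77:88:99:aa:bb, "
    "ethertype IPv4 (0x0800), length 74: (tos 0x0, ttl 64, id 1, offset 0, "
    "flags [DF], proto TCP (6), length 60)",
    "    192.0.2.10.51000 > 198.51.100.5.443: Flags [S], seq 1, win 64240, length 0",
    "2024-05-01 10:00:01.000002 00:11:22:33:44:55 > ff:ff:ff:ff:ff:ff, "
    "ethertype ARP (0x0806), length 42: Request who-has 192.0.2.1 tell 192.0.2.10, length 28",
    "    192.0.2.10.40000 > 192.0.2.53.53: 1234+ A? example.com. (29)",
]

if __name__ == "__main__":
    print("\n".join(tcpdump_to_csv(SAMPLE)))
```
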