A Go tool to collect various statistics from .pcap or .pcapng files using tshark.
This tool scans a directory for .pcap and .pcapng files and generates various statistical summaries for each file. The statistics are gathered using tshark, which allows for customizable and in-depth analysis of network data. Results are saved as text files with a specified suffix. All statistics-related types are available at tshark manpage.
- tshark must be installed and available in your system's PATH.
Clone the repository and build the Go binary:
git clone https://github.com/v-at-gh/get-pcap-stats.git
cd get-pcap-stats
go build./get-pcap-stats.exe [options]| Option | Description | Default |
|---|---|---|
-dir |
Directory to search for .pcap or .pcapng files. |
. (current directory) |
-stats |
Space-separated statistics types or path to a file containing stats types to pass to tshark. |
(all supported stats) |
-suffix |
Suffix for resulting statistics files. | .total-stats.txt |
-overwrite |
If set, overwrites existing statistics files. | false |
-yes |
If set, skips confirmation prompt before processing files. | false |
-workers |
Number of files to process in parallel. | CPU count |
-
Process all
.pcapfiles in the current directory and save results with.summary.txtsuffix:./get-pcap-stats.exe -suffix ".summary.txt" -
Process files in
/path/to/pcapdirectory, overwriting any existing results:./get-pcap-stats.exe -dir /path/to/pcap -overwrite
-
Specify custom statistics types via a text file (one per line):
./get-pcap-stats.exe -stats "path/to/stats_file.txt" -
Find files in current directory and gather UDP statistics without confirmation prompt:
./get-pcap-stats.exe -yes -stats "conv,udp endpoints,udp" -suffix ".stats-udp.txt"
MIT License. See LICENSE for details.