Puppy Linux Discussion Forum

Most command line based network tools in Linux only allow you to monitor network activities in real time and do not create a log file for later analysis.

Is there a tool that allows you to create and save a visual diagram (graph format) of incoming and outgoing network traffic and a text based log for later analysis?

Something comparable to the diagrams and data you would find on many routers, just directly in Linux and without having to install a complex server / client model with a database?

Neo_78 wrote: Sun Apr 03, 2022 1:43 pm

Most command line based network tools in Linux only allow you to monitor network activities in real time and do not create a log file for later analysis.

Is there a tool that allows you to create and save a visual diagram (graph format) of incoming and outgoing network traffic and a text based log for later analysis?

Something comparable to the diagrams and data you would find on many routers, just directly in Linux and without having to install a complex server / client model with a database?

For interface wlan0 (alternatively eth0 ... whatever) bmon supports something like ..

bmon -p 'wlan0' -o 'ascii:diagram=graphical history diagram;quitafter=10' >netactivitylog

that runs for 60 seconds (quitafter). Can also be set to record textual details instead ...etc. (see bmon manual page). That would be a large file however if scipted/looped, piping through zip would help (... quitafter=60 | gzip - >netactivitylog.gz) ... around a 7K zip file per minute record.

With a loop every minute and timestamp type filename you'd have all of the graphs for each minute and tail'ing out the last chart from each provides down to minute granularity in around 10MB/day combined files. With daily processing/condensing those, just a few MB/day in compressed form.

@Neo_78, is "wireshark' the solution you are looking for? It has a universal set of tools to look at local & remote acitivity that the PC sees.

Thanks @rufwoof and @Clarity. I am basically looking for a way to identify and log anomalies in network traffic, in particular sudden, incoming spikes. A solution, for which you do not have to be a network engineer. This would ideally create a visual graph but also log the related data of an "exceptional" event (for instance incoming IP, amount of data received, time stamp). Sure, you can log eveything in tcpdump or wireshark and write it to a txt file, but that amount of data can be pretty overwhelming, difficult to interpret and filter configurations are complex. It could also be a combination of multiple tools.

I remember one tool called BitMeter OS.

I once installed it from Quickpet in Bionicpup64.

It worked through a browser, various graphs and setting options.

Thanks @Feek. Let me check the mentioned tool.

Could the following be a solution?

https://serverfault.com/questions/10098 ... 47_1009867

atop is used to identify a network spike and a bash loop is used to when incoming packets per second exceed a certain threshold to record traffic with tcpdump.