Documentation #4352: Devguide: Debugging Basics - pcap_cnt - Suricata - Open Information Security Foundation

Actions

Copy link

Documentation #4352

open

SB OD

Devguide: Debugging Basics - pcap_cnt

Documentation #4352: Devguide: Debugging Basics - pcap_cnt

Added by Shivani Bhardwaj about 5 years ago. Updated 7 months ago.

Status:

Assigned

Priority:

Low

Assignee:

OISF Dev

Target version:

9.0.0-beta1

Affected Versions:

Effort:

Difficulty:

Label:

Description

What is pcap_cnt.
How to use it to correlate packet data with Wireshark.
jq commands to check/sort pcap_cnt for particular situations.

SB Updated by Shivani Bhardwaj over 3 years ago Actions
Copy link
#1

Assignee changed from Shivani Bhardwaj to Juliana Fajardini Reichow
Priority changed from Normal to Low

JF Updated by Juliana Fajardini Reichow over 3 years ago Actions
Copy link
#2

Target version set to 8.0.0-beta1

VJ Updated by Victor Julien about 2 years ago Actions
Copy link
#3

Assignee changed from Juliana Fajardini Reichow to OISF Dev

VJ Updated by Victor Julien about 1 year ago Actions
Copy link
#4

Target version changed from 8.0.0-beta1 to 8.0.0-rc1

VJ Updated by Victor Julien 10 months ago Actions
Copy link
#5

Target version changed from 8.0.0-rc1 to 8.0.0

PA Updated by Philippe Antoine 9 months ago Actions
Copy link
#6

Target version changed from 8.0.0 to 8.0.1

JL Updated by Jeff Lucovsky 7 months ago Actions
Copy link
#7

 jq -s 'sort_by(.pcap_cnt)' < eve.json

Use this to sort EVE records by pcap_cnt

JL Updated by Jeff Lucovsky 7 months ago Actions
Copy link
#8

This will be more useful if included in the user guide -- eve-json-examples and eve-json-output?

VJ Updated by Victor Julien 7 months ago Actions
Copy link
#9

Target version changed from 8.0.1 to 8.0.2

VJ Updated by Victor Julien 7 months ago Actions
Copy link
#10

Target version changed from 8.0.2 to 9.0.0-beta1

Actions

Copy link

Also available in: PDF Atom

Project

General

Profile

Suricata

Custom queries

Documentation #4352

Devguide: Debugging Basics - pcap_cnt

SB Updated by Shivani Bhardwaj over 3 years ago Actions
Copy link
#1

JF Updated by Juliana Fajardini Reichow over 3 years ago Actions
Copy link
#2

VJ Updated by Victor Julien about 2 years ago Actions
Copy link
#3

VJ Updated by Victor Julien about 1 year ago Actions
Copy link
#4

VJ Updated by Victor Julien 10 months ago Actions
Copy link
#5

PA Updated by Philippe Antoine 9 months ago Actions
Copy link
#6

JL Updated by Jeff Lucovsky 7 months ago Actions
Copy link
#7

JL Updated by Jeff Lucovsky 7 months ago Actions
Copy link
#8

VJ Updated by Victor Julien 7 months ago Actions
Copy link
#9

VJ Updated by Victor Julien 7 months ago Actions
Copy link
#10

Project

General

Profile

Suricata

Custom queries

Documentation #4352

Devguide: Debugging Basics - pcap_cnt

SB Updated by Shivani Bhardwaj over 3 years ago ActionsCopy link #1

JF Updated by Juliana Fajardini Reichow over 3 years ago ActionsCopy link #2

VJ Updated by Victor Julien about 2 years ago ActionsCopy link #3

VJ Updated by Victor Julien about 1 year ago ActionsCopy link #4

VJ Updated by Victor Julien 10 months ago ActionsCopy link #5

PA Updated by Philippe Antoine 9 months ago ActionsCopy link #6

JL Updated by Jeff Lucovsky 7 months ago ActionsCopy link #7

JL Updated by Jeff Lucovsky 7 months ago ActionsCopy link #8

VJ Updated by Victor Julien 7 months ago ActionsCopy link #9

VJ Updated by Victor Julien 7 months ago ActionsCopy link #10

SB Updated by Shivani Bhardwaj over 3 years ago Actions
Copy link
#1

JF Updated by Juliana Fajardini Reichow over 3 years ago Actions
Copy link
#2

VJ Updated by Victor Julien about 2 years ago Actions
Copy link
#3

VJ Updated by Victor Julien about 1 year ago Actions
Copy link
#4

VJ Updated by Victor Julien 10 months ago Actions
Copy link
#5

PA Updated by Philippe Antoine 9 months ago Actions
Copy link
#6

JL Updated by Jeff Lucovsky 7 months ago Actions
Copy link
#7

JL Updated by Jeff Lucovsky 7 months ago Actions
Copy link
#8

VJ Updated by Victor Julien 7 months ago Actions
Copy link
#9

VJ Updated by Victor Julien 7 months ago Actions
Copy link
#10