Hi,
I don't know whether ConnSizeAnalyzer's output (number of IP bytes and packets on the wire) can also be added to the new conn.log (Seth?). If so, it might make sense to give trace-summary a flag to use those counters.
cu
Gregor
I still haven't done the ConnSizeAnalyzer integration where I want it yet. Does it seem unreasonable to anyone to have that enabled mostly by default? I think it's useful enough that it would be enabled nearly all the time anyway.
I want/need to integrate it into the SSH analysis and Conn analysis at the very least. If we have the ConnSizeAnalyzer enabled "by default" then I'll add the fields to the core conn scripts, otherwise it will be an extension script (I'd rather have it in the core script support).
.Seth
I still haven't done the ConnSizeAnalyzer integration where I want it yet. Does it seem unreasonable to anyone to have that enabled mostly by default? I think it's useful enough that it would be enabled nearly all the time anyway.
Yeah, it strikes me as bread-&-butter info that it's sort of embarrassing
the logs historically didn't track :-P.
Vern