Traffic Vis

A long time ago, I wrote a small suite of tools to do network monitoring. While I have had neither the time nor the motivation to do any more work on Traffic-vis for nearly two years (how time flies...), it is still used by a few people.


Release traffic-vis 0.35. This release adds an option for the collector daemon to write a pid-file, but makes no other changes. The primary focus of this release is changing the license from the GNU GPL to the same 2-term BSD license that I use for all my other code these days. Please note that traffic-vis is still largely unmaintained, though I may port the front-end reporting modules to use my newer softflowd network monitor soon. This may be a good project for an interested user (hint, hint).


Traffic-vis takes the form of a collector daemon, which sniffs packets off the wire using libpcap. Upon receipt of a signal, the collector will write a report to a file of your choice.

While the report is in a textual format, it is not really designed for human digestion. Traffic-vis provides a couple of tools to massage and reduce the data. traffic-resolve will resolve the IP addresses in the report to hostnames (a potentially slow process), traffic-exclude allows you to cull unwanted networks from the reports, and traffic-sort allows you to sort the reports by any of a number of criteria.

Once you have cooked your data to satisfaction, there are several frontends which generate human-readable reports. Basic text, HTML, PostScript and GIF frontends are included with the distribution.


Traffic-vis is available here: