Wireshark · Ethereal-dev: Re: [Ethereal-dev] Fast querying of offline captures

Ethereal-dev: Re: [Ethereal-dev] Fast querying of offline captures

Note: This archive is from the project's previous web site, ethereal.com. This list is no longer active.

From: Richard Sharpe <rsharpe@xxxxxxxxxxxxxxxxx>

Date: Mon, 28 Feb 2005 16:45:02 -0800 (PST)

On Mon, 28 Feb 2005, Evan Hughes wrote:

>    I've been doing some work with largish trace files (in the
> neighbourhood of 1gig), and I noticed that display filters can take a
> long time to execute. Has any consideration been given to using some
> kind of indexing to accelerate work filtering of large data sets?

Not that I am aware of although someone in Australia is feeding data from
Ethereal into an SQL database.

>    More importantly, does dealing with such huge files seem to be a
> common task, or am I just using ethereal in a way that it wasn't
> intended to be used?

Actually, quite common :-(

Regards
-----
Richard Sharpe, rsharpe[at]richardsharpe.com, rsharpe[at]samba.org,
sharpe[at]ethereal.com, http://www.richardsharpe.com

References:
- [Ethereal-dev] Fast querying of offline captures
  - From: Evan Hughes

Prev by Date: Re: [Ethereal-dev] how to dissect 2 packets
Next by Date: Re: [Ethereal-dev] how to dissect 2 packets
Previous by thread: [Ethereal-dev] Fast querying of offline captures
Next by thread: [Ethereal-dev] how to dissect 2 packets
Index(es):
- Date
- Thread