Hi Rikard,
Try this one:
$ tshark -r test.pcap -q -z io,stat,120,"COUNT(tcp.analysis.duplicate_ack)tcp.analysis.duplicate_ack","COUNT(tcp.analysis.retransmission)tcp.analysis.retransmission"
===================================================================
IO Statistics
Interval: 120.000 secs
Column #0: COUNT(tcp.analysis.duplicate_ack)tcp.analysis.duplicate_ack
Column #1: COUNT(tcp.analysis.retransmission)tcp.analysis.retransmission
| Column #0 | Column #1
Time | COUNT | COUNT
000.000-120.000 12 4
===================================================================
Best regards
Joan
On Sat, 28 Nov 2009 14:23:20 +0100 Rikard Svenningsen wrote:
>Hi
>I am trying to use tshark for analysis of some tcp error on my network.
>I intent to use the following command:
>tshark -r FileToAnalyse -q -z
>io,stat,120,COUNT(tcp.analysis.duplicate_ack)tcp.analysis.duplicate_ack,COUNT(tcp.analysis.retransmission)tcp.analysis.retransmission
>
>The command: tshark ....... tcp.analysis.retransmission is supposed to be
>on
>one line to get it work.
>I tried:
>-z
>"io,stat,120,COUNT(tcp.analysis.retransmission)tcp.analysis.retransmission"
>and
>-z
>'io,stat,120,COUNT(tcp.analysis.retransmission)tcp.analysis.retransmission'
>and
>-z
>io,stat,120,COUNT\(tcp.analysis.retransmission\)tcp.analysis.retransmission
>
>If I use it just like this:
>-z io,stat,120,COUNT(tcp.analysis.retransmission)tcp.analysis.retransmission
>
>I get this:
>bash: syntax error near unexpected token `('
>
>Only if I run the command in a DOS prompt in Windows, it will work fine.
>-z io,stat,120,COUNT(tcp.analysis.retransmission)tcp.analysis.retransmission
>
>
>--
>Best regards
>Rikard Svenningsen
>Denmark
>___________________________________________________________________________
>Sent via: Wireshark-users mailing list <wireshark-users@xxxxxxxxxxxxx>
>Archives: http://www.wireshark.org/lists/wireshark-users
>Unsubscribe: https://wireshark.org/mailman/options/wireshark-users
> mailto:wireshark-users-request@xxxxxxxxxxxxx?subject=unsubscribe
