Chapter 6. Command Line Packet Analysis Tools

In Chapter 3 and Chapter 4 we installed the SO software in several configurations, and we discussed housekeeping functions in Chapter 5. Now that you have this powerful NSM platform collecting data, in this chapter I’ll introduce the first set of command line tools used to present information to analysts. Some of these tools will be running all the time, while others will be invoked on demand. Each has its particular strengths and weaknesses. I’ll discuss how I use key features, though I won’t cover all tools in exhaustive detail here.

Because I’ve written this book for new analysts, my discussion of ...

Get The Practice of Network Security Monitoring now with O’Reilly online learning.
