Hi all, i'm having trouble with the following script, what it's supposed to do is:
uniq: MAC-nohsrp-voice-DT-00001_di_13-03-2012_10-39-17.csv: invalid number of bytes to compare i then get a "uniq" message that quotes the above, i'm guessing i'm doing something wrong here ;-) asked 04 May '12, 01:49  Marc showing 5 of 9 show 4 more comments |
One Answer:
uniq does have a parameter -w, however it's not a filename, as in your script. http://en.wikipedia.org/wiki/Uniq -w Specifies the number of characters to compare in lines As already mentioned, just redirect the output of uniq with >, e.g. uniq -c > MAC-$file.csv Regards answered 04 May '12, 02:56  Kurt Knochner ♦ edited 04 May '12, 03:00 |
Since it seems to be a problem with unique please run the command without the last | uniq and look at the output / post it here if possible. There seems to be something uniq complains about but without seeing it it's difficult to answer
Hmm, maybe i've got the sequence wrong, should it be -w MAC-$file.csv | sort | uniq -c ? so tshark > out | then sort | uniq ?
I'd skip -w in tshark if you want to pipe to sort and uniq and use write stdout to file instead or do it in two steps for debugging by using 1. tshark -r -R ... -w file.csv 2. cat file.csv | sort | uniq > finalfile.txt
So (for my humble understanding..) i don't use the "tshark -w file.csv" option to redirect the output of tshark command string but instead take the output and redirect it through 'sort | uniq -c' and then put it in a file, as such:
for file in
dir -d *; do tshark.exe -r "$file" -R "eth.addr contains AV:AY:AM:AC-OUI" -T fields -e eth.src -e eth.dst -E header=y -E separator=, -E quote=d -E occurrence=f | sort | uniq -c > MAC-$file.csv; doneThanks for all your input by the way :-)
Either way should work (maybe with a little tweaking). Did your last try mentioned above work out for you?
Not yet i'm missing someting... i'll get to it!
Strange... D:>tshark.exe -r test2.pcap -R "eth.addr contains xx:yy" -T fields -e eth.src -e eth.dst -E header=y -E separator=, -E quote=d -E occurrence=f | sort | uniq -c
D:>
works perfectly fine for me, although I'd stick to just eth.src plus ip.src to make the list easier to handle
Yep, it did for me as well! Thanks guy's! After i had to work through 63 traces, got 63 csv files offcourse, now sorting out how i can awk that into something that totals everything ;-) i'll get there. Btw i did get rid of the (-R "eth.addr contains AV:AY:AM:AC-OUI") because i filtered these out already and ended up in:
for file in
dir -d *; do tshark.exe -r "$file" -T fields -e eth.src -e eth.dst -E header=y -E separator=, -E quote=d -E occurrence=f | sort | uniq -c > MAC-$file.csv; donetotal everything?