Log analysis with Perl and Wireshark decode.
Here is something that I had to do in a couple of hours to check the logs. The problem was that the log file was printing the Received and Sent messages in hex format. I had to verify if the messages were correct. So here is how to do it.
open(FP, "<$ARGV[0]") || die "File $ARGV[0] does not exist";
while ($line = <FP>)
{
    if ($line =~ /(Received :)|(Sending :)/)
    {
        # Assumption: fields are whitespace-separated (the split of $line is missing from the page).
        @words = split(' ', $line);
        @words = split(/\|/, $words[4]);
        $received = $words[1];
        # Convert to pcap using proprietary software.
        # The grep expression only displays the fields of interest.
        system("tshark -r /tmp/amit.pcap -V | grep -E -i 'Amit|Agarwal'");
    }
}
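The conversion step above depends on proprietary software. The following added example, which is not the author's code, shows one open alternative: it pulls the hex message out of each matching line and prints it in the hex-dump format that Wireshark's text2pcap reads. The log layout and the sample lines are constructed assumptions.

```perl
#!/usr/bin/perl
use strict;
use warnings;

# Render one hex string as a text2pcap packet: a 6-digit hex offset followed
# by up to 16 space-separated bytes per line. Offset 000000 starts a new packet.
sub hex_to_text2pcap {
    my ($hex) = @_;
    return unless defined $hex;
    $hex = lc $hex;
    $hex =~ s/\s+//g;
    # A truncated or corrupted log entry would decode to garbage, so reject it.
    return unless $hex =~ /^(?:[0-9a-f]{2})+$/;
    my @bytes = $hex =~ /(..)/g;
    my $out = '';
    for (my $off = 0; $off < @bytes; $off += 16) {
        my $end = $off + 15 > $#bytes ? $#bytes : $off + 15;
        $out .= sprintf("%06x %s\n", $off, join(' ', @bytes[$off .. $end]));
    }
    return $out;
}

# Constructed sample log lines. Assumed layout: whitespace-separated fields,
# field 4 pipe-delimited with the hex message in position 1.
my @log = (
    '2011-03-01 10:15:02 Received : 17|000102030405060708090a0b0c0d0e0f10111213|ok',
    '2011-03-01 10:15:03 Sending : 18|DEADBEEF|ok',
    '2011-03-01 10:15:04 Received : 19|0a0b0|ok',      # odd length: truncated
    '2011-03-01 10:15:05 Heartbeat : 20|00|ok',        # not a message line
);

for my $line (@log) {
    next unless $line =~ /(Received|Sending) :/;
    my $dir    = $1;
    my @fields = split ' ', $line;
    my @words  = split /\|/, ($fields[4] // '');
    my $pkt    = hex_to_text2pcap($words[1]);
    if (defined $pkt) {
        # Lines starting with '#' are ignored by text2pcap as comments.
        print "# $dir\n$pkt";
    } else {
        warn "skipping malformed $dir entry: $line\n";
    }
}
```

Redirect the output to a file and pass it to text2pcap to produce the pcap that tshark reads. text2pcap treats the bytes as an Ethernet frame unless told otherwise, so if the logged message starts at a higher layer, use its link-type or dummy-header options.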
Another technique that is quite helpful is to use a different color for grep when you are searching for errors or warnings. This can be done using:
export GREP_COLOR="01;31" && tshark command