I would like to collect stats on TCP/UDP packets sent between two hosts (A and B). I am looking for a tool to install on A and B to get the following information:
- kb/seconds
- packets/seconds
- (cumulative) bytes sent so far
- (cumulative) packets sent so far
- avg in sliding window
There is iptraf, but I have hard times to configure it from command line. tcptrack does not aggregate data… I am a little bit lost.. 😀 I could script tcpdump :/
Probably, I miss something quite obvious…
UPDATE: Both servers run ubuntu 14.04.
UPDATE 2: I experiment now with tcpflow (logs grows pretty fast) and I will check collectId
UPDATE 3: The easiest way to track traffic to a given IP or network is to use IPTABLES and IPTABLES collectD plugin.
Best Answer
This is a very interesting question.
The answer depends on the setup of your network but, I will try to cover some case.
I quite believe CollectD is part of the answer.
First, as you want to collect your metrics "every second" your need to configure CollectD Interval value
Solution N°1 - Is ServerA EXCLUSIVELY speaking to ServerB on specific interface? (and vice-versa)
Install CollectD with the Interface plugin. It will "collect" part of what you need:
Forward CollectD metrics to a time series database such as Graphite.
You will be able to visualise those metrics and apply a moving average function. It will match your need for:
Solution N°2 - Is ServerA only speaking to ServerB on TCP and specific port? (and vice-versa)
Very similar. Use CollectD and monitor the traffic only on the specific TCP port using CollectD and it TCPConns plugin. Also, use Graphie for the "avg in sliding window"