Linux’da Tshark Kullanarak Paket Analizi yapmak için:
1 |
# /usr/sbin/tshark -d tcp.port==3306,mysql -T fields -R mysql.query -e frame.time -e ip.src -e ip.dst -e mysql.query |
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 |
[root@sessiondb ~]$tshark -d tcp.port==3306,mysql -T fields -R mysql.query -e frame.time -e ip.src -e ip.dst -e mysql.query Running as user "root" and group "root". This could be dangerous. Capturing on eth0 May 22, 2015 14:24:13.515665000 10.10.140.30 10.10.141.70 select @@session.tx_read_only May 22, 2015 14:24:13.516158000 10.10.140.30 10.10.141.70 update sessionsV2 set accessTime = 1432293853449, lastAccessTime = 1432293736476, lastUpdatedTime = 1432293853511, expiryTime = 1432295653449 where sessionId = '56edda9cfaaf44f8a57cfb0c85094200' May 22, 2015 14:24:13.518402000 10.10.140.30 10.10.141.70 SET autocommit=1 May 22, 2015 14:24:13.518697000 10.10.140.30 10.10.141.70 set session transaction read write May 22, 2015 14:24:13.536207000 10.10.140.29 10.10.141.70 select * from sessionsV2 where sessionId = 'f1e21f16ae7b4b958a8223cf9022b4c0' May 22, 2015 14:24:13.537542000 10.10.140.29 10.10.141.70 SET autocommit=1 May 22, 2015 14:24:13.537781000 10.10.140.29 10.10.141.70 set session transaction read write May 22, 2015 14:24:13.554846000 10.10.140.29 10.10.141.70 select @@session.tx_read_only May 22, 2015 14:24:13.555251000 10.10.140.29 10.10.141.70 update sessionsV2 set accessTime = 1432293853537, lastAccessTime = 1432293757464, lastUpdatedTime = 1432293853553, expiryTime = 1432295653537 where sessionId = 'f1e21f16ae7b4b958a8223cf9022b4c0' May 22, 2015 14:24:13.556247000 10.10.140.9 10.10.141.70 select * from sessionsV2 where sessionId = 'f8ff81b391e34c1098f6fd08df0ebabc' May 22, 2015 14:24:13.557241000 10.10.140.9 10.10.141.70 SET autocommit=1 May 22, 2015 14:24:13.557481000 10.10.140.9 10.10.141.70 set session transaction read write May 22, 2015 14:24:13.558348000 10.10.140.29 10.10.141.70 SET autocommit=1 May 22, 2015 14:24:13.558625000 10.10.140.29 10.10.141.70 set session transaction read write May 22, 2015 14:24:13.559593000 10.10.140.29 10.10.141.70 select * from sessionsV2 where sessionId = '84dd557532d745cf83063a9d65c0d67d' May 22, 2015 14:24:13.561145000 10.10.140.29 10.10.141.70 SET autocommit=1 May 22, 2015 14:24:13.561483000 10.10.140.29 10.10.141.70 set session transaction read write May 22, 2015 14:24:13.561614000 10.10.140.9 10.10.141.70 select * from sessionsV2 where sessionId = 'be5167049cce4b2eaccd619fbe2fc6d0' May 22, 2015 14:24:13.562634000 10.10.140.30 10.10.141.70 select * from sessionsV2 where sessionId = '47d6b5fca3ca413b87b1184b0339ced9' May 22, 2015 14:24:13.562658000 10.10.140.9 10.10.141.70 SET autocommit=1 |
So, what do you think ?