SUMMARY
Purpose
Show one line of information about each record in the trace.
Format
The following command was used to
obtain the example of this report.
CTRACE COMP(SYSTCPIS) SUB((TCPCS)) SUMMARY DSN('IBMUSER.CTRACE1')
COMPONENT TRACE SUMMARY FORMAT
SYSNAME(MVS118)
COMP(SYSTCPIS)SUBNAME((TCPCS))
DSNAME('IBMUSER.CTRACE1')
**** 2002/11/20
I - Inbound packet
O - Outbound packet
DP Nr hh:mm:ss.mmmmmm IpId Group Probe Id Corelatr JobName Cid DatLn Data Source/Destination
II 4521 17:38:32.175560 0000 SCAN 03030000 10 TCPCS 00000000 12 ICMP 9.42.105.71
9.42.104.38
IT 4522 17:38:45.130339 163F SCAN 03030026 11 FTPD1 00000020 0 TCP 9.2.197.34-46911
9.42.104.38-21
IT 4523 17:38:45.153474 173F SCAN 03030026 12 FTPD1 00000020 0 TCP 9.224.157.220-47167
9.42.104.38-21
IT 4524 17:38:45.170441 183F SCAN 03030026 13 FTPD1 00000020 0 TCP 9.74.208.131-47423
9.42.104.38-21
IT 4525 17:38:45.190606 193F SCAN 03030026 14 FTPD1 00000020 0 TCP 9.79.235.253-47679
9.42.104.38-21
IT 4526 17:38:45.213117 1A3F SCAN 03030026 15 FTPD1 00000020 0 TCP 9.40.107.43-47935
9.42.104.38-21
IT 5671 17:59:32.787165 0B3B ATTACK 04070002 277 FTPD1 00000020 0 TCP 9.42.104.38-21
9.84.160.95-47938
IT 5672 17:59:32.806700 0B1A ATTACK 04070002 277 FTPD1 00000020 0 TCP 9.42.104.38-21
9.156.214.250-44610
IT 5673 17:59:32.827193 0B1B ATTACK 04070002 277 FTPD1 00000020 0 TCP 9.42.104.38-21
9.150.148.96-44866
IT 5674 17:59:32.847730 0B1C ATTACK 04070002 277 FTPD1 00000020 0 TCP 9.42.104.38-21
9.48.42.177-45122
.
.
.
===============================================================================
SYSTCPIS Trace Statistics
2,583 ctrace records processed
0 segmented trace records read
0 segmented trace records were lost
2,583 trace records read
0 records could not be validated
2,583 records passed filtering
2,583 packet trace records processed
0 data trace records processed
The following
describe areas of the example.
- D
- Direction of the packet:
- I
- Inbound packet
- O
- Outbound packet
- P
- The packet protocol:
- T
- TCP
- U
- UDP
- I
- ICMP
- G
- IGMP
- P
- Other
- Nr
- The CTRACE record number.
- hh:mm:ss.mmmmmmm
- The time stamp of the record.
- IpId
- The packet ID number in hexadecimal.
- Group
- The group assigned to the trace record. The value can be ATTACK, SCAN, UDPTR or TCPTR.
- Probe Id
- The probe identifier assigned to the trace record.
- Corelatr
- The correlator assigned to the trace record. Use this to correlate the trace data with console or syslog messages.
- JobName
- The job name assigned to the trace record.
- Cid
- The connection identifier assigned to the trace record.
- DatLn
- The length of the data.
- Data
- The protocol in the IP header.
- Source/Destination
- The source and destination IP address and port number.