snoop, the included packet sniffer

Polkan García -

Sometimes, knowing the type of traffic that is handled by a particular interface can help you troubleshoot performance issues. This is typically referred to as packet sniffing. You can choose to install a third-party packet sniffer if you like. You can also use the packet sniffing utility that is built into SmartOS: Snoop. From the Snoop man page:

"snoop captures packets from the network and displays their contents. snoop uses both the network packet filter and streams buffer modules to provide efficient capture of packets from the network. Captured packets can be displayed as they are received, or saved to a file for later inspection."


Basic Snoop Commands

Using Snoop is relatively easy:

Monitor traffic per interface:

snoop -d INTERFACE 

Monitor traffic per interface and filter by some port:

snoop -d INTERFACE | grep PORT 

Saves the output to a named file:

snoop -o file 

Note: Running this command with the -x0 flag saves the file in ASCII format.

Read the previously saved file:

snoop -i file

Display detailed or verbose output:

snoop -v


Useful links

Have more questions? Submit a request


Article is closed for comments.