tcpflow is a program that captures data transmitted as part of TCP connections (flows), and stores the data in a way that is convenient for protocol analysis or debugging. tcpflow understands TCP sequence numbers and will correctly reconstruct data streams regardless of retransmissions or out-of-order delivery. Each stream is stored in a separate file for later analysis. tcpflow is designed to be portable, using the LBL packet capture library and GNU autoconf. It works under most UNIX platforms and for most common network interface types (ethernet, PPP, loopback, etc.).
tcpick is a textmode sniffer that can track TCP streams and saves the data captured in files or displays them in the terminal. It is useful for picking files in a passive way. It can store all connections in different files, or it can display all the stream on the terminal (using colors too).
The tcpsound utility plays sounds in response to network traffic, making it possible for a user to literally listen to a network. It forks a pseudo terminal in which to run tcpdump, parses that output, and plays a wide variety of user-configurable sounds. By interpreting the output in a pseudo terminal, users can first SSH to a remote host if desired.
tcptrack is a packet sniffer, which passively watches for connections on a specified network interface, tracks their states, and lists them in a manner similar to the Unix 'top' command. It displays source and destination addresses and ports, connection state, idle time, and bandwidth usage.
tenshi (formerly wasabi) is a log monitoring program designed to watch a log file for lines matching user defined regular expressions and report on the matches. The regular expressions are assigned to queues that have an alert interval and a list of mail recipients. Queues can be set to send a notification as soon as there is a log line assigned to them, or to send periodic reports. Additionally, uninteresting fields in the log lines (such as PID numbers) can be masked with the standard regular expression grouping operators ( ). This allows cleaner and more readable reports. All reports are separated by hostname and all messages are condensed when possible.