[179262] in North American Network Operators' Group
Re: lotsa pcap reporting
daemon@ATHENA.MIT.EDU (Harry Hoffman)
Sun Apr 5 10:05:34 2015
X-Original-To: nanog@nanog.org
Date: Sun, 05 Apr 2015 10:05:29 -0400
From: Harry Hoffman <hhoffman@ip-solutions.net>
To: Hank Disuko <gourmetcisco@hotmail.com>
In-Reply-To: <BLU180-W4797CF2056C183939BF9C2C9FF0@phx.gbl>
Cc: NANOG <nanog@nanog.org>
Errors-To: nanog-bounces@nanog.org
So, NTop or Afterglow might be a good start. They are both user-friendly
tools that can ingest pcap files and output all sorts of pretty things.
Cheers,
Harry
On 04/05/2015 09:36 AM, Hank Disuko wrote:
> Thanks for the response, Harry.
>
> the basic stuff that managers are interested in seeing:
>
> - yes what you said
> - who or what is taking up all my precious network bandwidth
> - colourful 3D pie charts
>
> Kind regards,
>
> Hank
>
>> Date: Sun, 5 Apr 2015 09:30:03 -0400
>> Subject: Re: lotsa pcap reporting
>> From: hhoffman@ip-solutions.net
>> To: gourmetcisco@hotmail.com
>> CC: nanog@nanog.org
>>
>> Hmm, maybe start with defining what you want to report about?
>>
>> Top talkers, top protocols/ports, open services, DNS info,
> reconstructed files, etc...
>>
>> Lots of different tools but it depends on what you want to do.
>>
>> Cheers,
>> Harry
>>
>>
>>
>> On Apr 5, 2015 9:16 AM, Hank Disuko <gourmetcisco@hotmail.com> wrote:
>> >
>> > hi nanog folks,
>> > i have 7GB of darn pcap data separated into individual 50MB files.
> Collected via Wireshark.
>> > i need a tool that can slurp in all this data and regurgitate
> pretty, colourful and management-friendly reports. Windows or Linux.
>> > any suggestions?
>> > thanks,
>> > Hank
