[179266] in North American Network Operators' Group

home help back first fref pref prev next nref lref last post

RE: lotsa pcap reporting

daemon@ATHENA.MIT.EDU (Hank Disuko)
Sun Apr 5 12:13:46 2015

X-Original-To: nanog@nanog.org
From: Hank Disuko <gourmetcisco@hotmail.com>
To: NANOG <nanog@nanog.org>
Date: Sun, 5 Apr 2015 12:13:43 -0400
In-Reply-To: <5C6B508C-61C7-4BC4-BB4E-DD86DD8B5EEF@gmail.com>
Errors-To: nanog-bounces@nanog.org

This is fantastic.
Thank-you everyone for your input.  I have a busy day of software evaluatio=
n ahead of me.
Thanks again!
Hank

> Subject: Re: lotsa pcap reporting
> From: john.mason.jr@gmail.com
> Date: Sun=2C 5 Apr 2015 10:44:56 -0400
> To: nanog@nanog.org
>=20
>=20
> http://www.riverbed.com/products/performance-management-control/network-p=
erformance-management/packet-analysis.html#Overview
>=20
>=20
> > On Apr 5=2C 2015=2C at 10:05 AM=2C Harry Hoffman <hhoffman@ip-solutions=
.net> wrote:
> >=20
> > So=2C NTop or Afterglow might be a good start. They are both user-frien=
dly
> > tools that can ingest pcap files and output all sorts of pretty things.
> >=20
> > Cheers=2C
> > Harry
> >=20
> >=20
> >=20
> >> On 04/05/2015 09:36 AM=2C Hank Disuko wrote:
> >> Thanks for the response=2C Harry.
> >>=20
> >> the basic stuff that managers are interested in seeing:
> >>=20
> >> - yes what you said
> >> - who or what is taking up all my precious network bandwidth
> >> - colourful 3D pie charts
> >>=20
> >> Kind regards=2C
> >>=20
> >> Hank
> >>=20
> >>> Date: Sun=2C 5 Apr 2015 09:30:03 -0400
> >>> Subject: Re: lotsa pcap reporting
> >>> From: hhoffman@ip-solutions.net
> >>> To: gourmetcisco@hotmail.com
> >>> CC: nanog@nanog.org
> >>>=20
> >>> Hmm=2C maybe start with defining what you want to report about?
> >>>=20
> >>> Top talkers=2C top protocols/ports=2C open services=2C DNS info=2C
> >> reconstructed files=2C etc...
> >>>=20
> >>> Lots of different tools but it depends on what you want to do.
> >>>=20
> >>> Cheers=2C
> >>> Harry
> >>>=20
> >>>=20
> >>>=20
> >>>> On Apr 5=2C 2015 9:16 AM=2C Hank Disuko <gourmetcisco@hotmail.com> w=
rote:
> >>>>=20
> >>>> hi nanog folks=2C
> >>>> i have 7GB of darn pcap data separated into individual 50MB files.
> >> Collected via Wireshark.
> >>>> i need a tool that can slurp in all this data and regurgitate
> >> pretty=2C colourful and management-friendly reports.  Windows or Linux=
.
> >>>> any suggestions?
> >>>> thanks=2C
> >>>> Hank    =20
 		 	   		  =
home help back first fref pref prev next nref lref last post