[188562] in North American Network Operators' Group


Better Conversation following tools for Wireshark?

daemon@ATHENA.MIT.EDU (Jay R. Ashworth)
Mon Apr 4 16:05:42 2016

X-Original-To: nanog@nanog.org
Date: Mon, 4 Apr 2016 20:05:39 +0000 (UTC)
From: "Jay R. Ashworth" <jra@baylink.com>
To: North American Network Operators' Group <nanog@nanog.org>
Errors-To: nanog-bounces@nanog.org

I have to do a little interactive monitoring this week, and while I want
to run Wireshark to log the packets, I'd also like to be able to do some more
hands-on, flow-based monitoring, and the Conversations tool in WS2.x isn't
up to the task; it won't let me roll up all traffic for a local IP into a
single line, for example, as iftop will.

I thought I'd be able to do this with ntop, but even though I can see that
monitoring is enabled to the switchport from WS, ntop only shows me the
broadcast connections.

Are there any better tools for this sort of work, that will cooperate
with WS on a Win7Pro box?  (Yeah, yeah; I know; it's all I have handy and
I'm out of days; I had the flu last week like everyone else.)

Cheers,
-- jra

-- 
Jay R. Ashworth                  Baylink                       jra@baylink.com
Designer                     The Things I Think                       RFC 2100
Ashworth & Associates       http://www.bcp38.info          2000 Land Rover DII
St Petersburg FL USA      BCP38: Ask For It By Name!           +1 727 647 1274
