|
OSN Service Monitoring Bundle: Packet Capturing and Analysis
The Packet Capturing and Analysis (PCA) solution uses TShark , an open source network traffic capturing and protocol analyzer, that allows a user to capture packet data from the live network or read packets from a previously saved capture file. TShark can detect, read and write the same capture files that are supported by Wireshark, another open source application with an extensive graphical user interface that will analyze and decode TShark captured files. TShark can be used for network troubleshooting, examining security problems, debugging protocol implementations or simply learning network protocol internals.
Features and Benefits
Feature |
Benefit |
Description |
“Live” packet capture |
Automated and easy to use |
TShark enables network packets to be captured from a real-time network interface with different triggers and to save the data to a file |
Packet filtering |
Faster problem resolution |
TShark uses filter language to filter traffic on attributes such as host address, src/dst ports, packet length and protocols |
Multiple capture save options |
Scalable, usage over a long period of time |
TShark can save captured data in one temporary file that can be a single named file or continuous multiple files |
Export |
Open, compatible with most packet analysis tools |
TShark provides several ways to export packet data, including Binary, CSV and cap files |
Wireshark compatibility |
Can be supported remotely |
TShark is 100% compatible with open source Wireshark and allows deep packet, traffic analysis and even session replay for VoIP RTP traffic |
|
The Packet Capturing and Analysis (PCA) solution uses TShark , an open source network traffic capturing and protocol analyzer, that allows a user to capture packet data from the live network or read packets from a previously saved capture file. TShark can detect, read and write the same capture files that are supported by Wireshark, another open source application with an extensive graphical user interface that will analyze and decode TShark captured files. TShark can be used for network troubleshooting, examining security problems, debugging protocol implementations or simply learning network protocol internals.