nanog mailing list archives
Re: lotsa pcap reporting
From: Harry Hoffman <hhoffman () ip-solutions net>
Date: Sun, 05 Apr 2015 10:05:29 -0400
So, NTop or Afterglow might be a good start. They are both user-friendly tools that can ingest pcap files and output all sorts of pretty things. Cheers, Harry On 04/05/2015 09:36 AM, Hank Disuko wrote:
Thanks for the response, Harry. the basic stuff that managers are interested in seeing: - yes what you said - who or what is taking up all my precious network bandwidth - colourful 3D pie charts Kind regards, HankDate: Sun, 5 Apr 2015 09:30:03 -0400 Subject: Re: lotsa pcap reporting From: hhoffman () ip-solutions net To: gourmetcisco () hotmail com CC: nanog () nanog org Hmm, maybe start with defining what you want to report about? Top talkers, top protocols/ports, open services, DNS info,reconstructed files, etc...Lots of different tools but it depends on what you want to do. Cheers, Harry On Apr 5, 2015 9:16 AM, Hank Disuko <gourmetcisco () hotmail com> wrote:hi nanog folks, i have 7GB of darn pcap data separated into individual 50MB files.Collected via Wireshark.i need a tool that can slurp in all this data and regurgitatepretty, colourful and management-friendly reports. Windows or Linux.any suggestions? thanks, Hank
Current thread:
- lotsa pcap reporting Hank Disuko (Apr 05)
- Re: lotsa pcap reporting Harry Hoffman (Apr 05)
- RE: lotsa pcap reporting Hank Disuko (Apr 05)
- Re: lotsa pcap reporting Harry Hoffman (Apr 05)
- Re: lotsa pcap reporting John Mason Jr (Apr 05)
- RE: lotsa pcap reporting Hank Disuko (Apr 05)
- RE: lotsa pcap reporting Hank Disuko (Apr 05)
- Re: lotsa pcap reporting Harry Hoffman (Apr 05)