Network Packet Capturing Management & Status

From MediaWiki
Jump to navigationJump to search
The printable version is no longer supported and may have rendering errors. Please update your browser bookmarks and please use the default browser print function instead.

Overview

This section will demonstrate the operational use of the NST WUI "Network Packet Capture Management & Status" implementation. This implementation provides a means to manage a large number of network packet captures that can be generated by either the NST WUI "Single-Tap Network Packet Capture" or the "Multi-Tap Network Packet Capture" interface. Previous or pending network packet captures located on a NST probe will appear in the "Available Network Packet Captures" table depending on the "Location Mode" setting. A complement of Actions or Search Criteria are provided for managing or locating each network packet capture file.

Moving your mouse cursor pointer over each field in the "Available Network Packet Captures" table will pop-up a comprehensive packet capture information window. One can also upload previously saved network captures and logs to the NST probe using the "Upload Network Capture Files & Logs" section.

This implementation also handles the ability to Save/Load all "Network Packet Capture Filters & Options" located on a NST probe.


Packet Capture Available View

An example network packet capture view of available captures for a NST probe is shown below. Only network packet captures that have satisfied the current search criteria that is in effect, have their status state enabled and have not been restricted by a display limit will be presented.

The display is broken up into 2 sections, one for the "Single-Tap Captures" and one for the "Multi-Tap Captures". The status state for each capture is shown in a different text color: "Completed Capture", "Archive Capture" and a "Pending Capture".

The total number of available network packet capture files is always presented for a given "Location Mode". The location mode can be "Global" or "Session" based. Any network packet capture files found using the "Global" based location mode will be made available to All web browser client sessions. Any network packet capture files found using the "Session" based location mode will be made available Only to that specific web browser client session. The example below shows a total of "15" available network packet capture files which includes both "Single-Tap" and "Multi-Tap" captures that have been located. Typically, the total number of network packet captures found when the "Global" based location mode is in effect is equivalent to the actual number of captures located on the NST probe. The "Session" based location mode can be used to focus on capture files located from a top level directory that are specific to a type of capture work you are currently performing.

Network Packet Capture Management & Status - View 1


Hovering your mouse pointer over each table cell for a given capture will reveal additional comprehensive information or available "Actions" that can be performed with the associated capture. Each "Action" is described below in the "Action Description Details" portion of the caption. This entire caption is embedded within the NST WUI "Network Packet Capture Management & Status" page for use as a reference guide.

Network Packet Capture Management & Status States And Action Legend


The depiction below shows detailed network packet capture status information for the multi-tap capture session that completed on: "Sun Jul 27 22:12:24 EDT 2008" containing: "2,409" packets. This was a quad-tap capture that lasted for a period of "23" seconds.

Network Packet Capture Management & Status - Multi-Tap Capture Status Pop-Up View 2

Select/Scan/Filter/Search For Packet Capture Files

Network Packet Capture Management & Status - Select/Scan/Filter/Search Form


Search Results For Packet Capture Files

Network Packet Capture Management & Status - DNS Capture File Search Results