Sniffer Adaptive Application Analyzer: Adaptive Mode ... - NetScout

More documents

Recommendations

Info

EARLY FIELD TRIAL Chapter 4 78 Sniffer Adaptive Application Analyzer Doubled Counts for Packets with Same Source and Destination Port The Statistics panel's Port tab includes a Packets column tabulating the number of packets seen with a particular port designation. When a packet has the same source and destination port, it will be counted in this column twice – once for the source port and once for the destination port. For example, a single packet with the source and destination port both set to 137 (a NetBIOS port) would be counted twice in the Packets column for the 137 port. This is the way that the IP Address, TCP/ UDP Port, and MAC Address columns are all displayed, because there are two of each of these addresses per each applicable packet. As shown in the figure below, you can create a custom tab that will display a correct count of packets containing any or all of these index types (IP Address, TCP/UDP Port, MAC Address) by adding columns for both sides of the connection. This way, you can see the directionality of the exchange broken out. For example, in this case, you could create a custom tab that included: Port A Port B Packets TX Packets RX Packets Summary tab shows total of 111 packets accepted, but Port tab shows 118 packets on port 137 because of doubled counts for packets with same source and destination ports. Custom tab broken out for directionality shows the true packet count – 59 packets with the same source and destination port were counted twice to arrive at the 118 total. Figure 4-5. Interpreting Packets with the Same Source/Destination Port.
EARLY FIELD TRIAL Network Tab Using the Statistics Panel The Network tab (a) provides statistics for individual subnets. Packets, Bytes, Packets/sec, and Bytes/sec are displayed by default for each entry in the tab. Use the Statistics panel controls to filter, sort, select, collapse, and expand the statistical data. See Using the Statistics Panel Tools on page 99. a Figure 4-6. Network Tab IMPORTANT: By default, the IP Address column is collapsed – it simply indicates the number of unique nodes seen in the subnet. This helps make the Network tab a concise list of the individual subnets seen. You can expand this data using the right-mouse menu to see each of the IP addresses seen on the subnet. See Collapsing and Expanding Column Data on page 100. IMPORTANT: If you collapse the Network column, the resulting Packets and Bytes counters are the sum of the Packets and Bytes values for all networks. Packets sent to a foreign network are only counted User’s Guide 79
Page 1 and 2:
EARLY FIELD TRIAL Sniffer ® Adapti
Page 3 and 4:
EARLY FIELD TRIAL "This product inc
Page 5 and 6:
EARLY FIELD TRIAL Contents Section
Page 7 and 8:
EARLY FIELD TRIAL Contents Overview
Page 9 and 10:
EARLY FIELD TRIAL Contents Setting
Page 11 and 12:
EARLY FIELD TRIAL SECTION 1 Introdu
Page 13 and 14:
EARLY FIELD TRIAL Sniffer Adaptive
Page 15 and 16:
EARLY FIELD TRIAL Figure 1-2. Adapt
Page 17 and 18:
Page 19 and 20:
EARLY FIELD TRIAL Sample Trace File
Page 21 and 22:
Page 23 and 24:
EARLY FIELD TRIAL Key Terms Table 1
Page 25 and 26:
EARLY FIELD TRIAL Table 1-3. Key Te
Page 27 and 28: EARLY FIELD TRIAL Quick Start - Fiv
Page 29 and 30: EARLY FIELD TRIAL Double-click the
Page 31 and 32: EARLY FIELD TRIAL Quick Start - Fiv
Page 33 and 34: EARLY FIELD TRIAL Step 4 - Capturin
Page 35 and 36: EARLY FIELD TRIAL Capture Mode Adap
Page 37 and 38: EARLY FIELD TRIAL Step 5 - Mining P
Page 39 and 40: EARLY FIELD TRIAL Adaptive Postcapt
Page 41 and 42: EARLY FIELD TRIAL Table 2-1. Postca
Page 43 and 44: EARLY FIELD TRIAL SECTION 2 Getting
Page 45 and 46: EARLY FIELD TRIAL Working with the
Page 47 and 48: EARLY FIELD TRIAL Introducing the N
Page 49 and 50: EARLY FIELD TRIAL Other Navigation
Page 51 and 52: EARLY FIELD TRIAL Using the Time Se
Page 55 and 56: EARLY FIELD TRIAL Zoom Menu Working
Page 57 and 58: EARLY FIELD TRIAL Introducing the G
Page 59 and 60: EARLY FIELD TRIAL Selected Statisti
Page 61 and 62: EARLY FIELD TRIAL Pie Chart Working
Page 63 and 64: EARLY FIELD TRIAL Column Chart Work
Page 65 and 66: EARLY FIELD TRIAL Time Series Chart
Page 71 and 72: EARLY FIELD TRIAL Using the Statist
Page 73 and 74: EARLY FIELD TRIAL Summary Tab a Usi
Page 77: EARLY FIELD TRIAL Port Tab Using th
Page 81 and 82: EARLY FIELD TRIAL Destination Tab U
Page 85 and 86: EARLY FIELD TRIAL VLAN ID Tab Using
Page 87 and 88: EARLY FIELD TRIAL Reports Tabs Usi
Page 89 and 90: EARLY FIELD TRIAL Top Conversations
Page 91 and 92: EARLY FIELD TRIAL Multicast Protoco
Page 97 and 98: EARLY FIELD TRIAL Refreshing Statis
Page 101 and 102: EARLY FIELD TRIAL Showing and Hidin
Page 103 and 104: EARLY FIELD TRIAL Resolving DNS Nam
Page 105 and 106: EARLY FIELD TRIAL Table 4-1. New Co
Page 107 and 108: EARLY FIELD TRIAL SECTION 2 Capturi
Page 109 and 110: EARLY FIELD TRIAL Capturing and Min
Page 111 and 112: EARLY FIELD TRIAL Configuring and S
Page 113 and 114: EARLY FIELD TRIAL Capture Mode Adap
Page 115 and 116: EARLY FIELD TRIAL Mining Packet Dat
Page 117 and 118: EARLY FIELD TRIAL Capturing and Min
Page 119 and 120: EARLY FIELD TRIAL Using Filters in
Page 121 and 122: EARLY FIELD TRIAL Reusable Filters
Page 123 and 124: EARLY FIELD TRIAL Figure 6-2. Apply
Page 125 and 126: EARLY FIELD TRIAL Working with Auto
Page 127 and 128: EARLY FIELD TRIAL Table 6-3. Filter
Page 129 and 130:
EARLY FIELD TRIAL Using Filters in
Page 131 and 132:
EARLY FIELD TRIAL Using Pattern Mat
Page 133 and 134:
EARLY FIELD TRIAL Applying Mining F
Page 135 and 136:
EARLY FIELD TRIAL Using Filters in
Page 137 and 138:
EARLY FIELD TRIAL Adaptive Display
Page 139 and 140:
EARLY FIELD TRIAL SECTION 3 Analyzi
Page 141 and 142:
EARLY FIELD TRIAL Adaptive Session
Page 143 and 144:
EARLY FIELD TRIAL Adaptive Mode Pos
Page 145 and 146:
Page 147 and 148:
Page 149 and 150:
EARLY FIELD TRIAL Session Overview
Page 151 and 152:
EARLY FIELD TRIAL Drilling Down to
Page 153 and 154:
EARLY FIELD TRIAL Adaptive Decode V
Page 155 and 156:
EARLY FIELD TRIAL Opening ASP Files
Page 157 and 158:
EARLY FIELD TRIAL Figure 7-9. Openi
Page 159 and 160:
EARLY FIELD TRIAL Using Filters wit
Page 161 and 162:
EARLY FIELD TRIAL Raw Capture Mode
Page 163 and 164:
EARLY FIELD TRIAL Table 8-1. Postca
Page 165 and 166:
EARLY FIELD TRIAL Introducing the P
Page 167 and 168:
EARLY FIELD TRIAL Granularity in De
Page 169 and 170:
EARLY FIELD TRIAL Packet Status Fla
Page 171 and 172:
EARLY FIELD TRIAL Table 8-5. Decode
Page 173 and 174:
EARLY FIELD TRIAL Types of Display
Page 175 and 176:
Page 177 and 178:
EARLY FIELD TRIAL a The “Apply on
Page 179 and 180:
Page 181 and 182:
Page 183 and 184:
Page 185 and 186:
EARLY FIELD TRIAL Using the Manual
Page 187 and 188:
EARLY FIELD TRIAL 5 Click OK. Figur
Page 189 and 190:
Page 191 and 192:
EARLY FIELD TRIAL Setting Display S
Page 193 and 194:
Page 195 and 196:
EARLY FIELD TRIAL Table 8-9. Summar
Page 197 and 198:
Page 199 and 200:
EARLY FIELD TRIAL Searching for Fra
Page 201 and 202:
Page 203 and 204:
Page 205 and 206:
Page 207 and 208:
EARLY FIELD TRIAL Printing Decoded
Page 209 and 210:
EARLY FIELD TRIAL Using the Matrix
Page 211 and 212:
Page 213 and 214:
EARLY FIELD TRIAL Using the Host Ta
Page 215 and 216:
EARLY FIELD TRIAL Using the Protoco
Page 217 and 218:
EARLY FIELD TRIAL Enabling VLAN Dat
Page 219 and 220:
EARLY FIELD TRIAL Expert Analysis O
Page 221 and 222:
EARLY FIELD TRIAL Expert Tool Bar T
Page 223 and 224:
EARLY FIELD TRIAL Expert Analysis
Page 225 and 226:
EARLY FIELD TRIAL Setting Expert Op
Page 227 and 228:
EARLY FIELD TRIAL Analyze Expert An
Page 229 and 230:
EARLY FIELD TRIAL Alarms Expert Ana
Page 231 and 232:
EARLY FIELD TRIAL Protocols To conf
Page 233 and 234:
EARLY FIELD TRIAL Subnet Masks To d
Page 235 and 236:
EARLY FIELD TRIAL To configure or d
Page 237 and 238:
EARLY FIELD TRIAL Oracle Options Mo
Page 239 and 240:
EARLY FIELD TRIAL IP Options Expert
Page 241 and 242:
EARLY FIELD TRIAL SECTION 4 Additio
Page 243 and 244:
EARLY FIELD TRIAL Setting Quick Sel
Page 245 and 246:
Page 247 and 248:
EARLY FIELD TRIAL Setting Graph Tab
Page 249 and 250:
Page 251 and 252:
Page 253 and 254:
EARLY FIELD TRIAL Figure 10-6. Addi
Page 255 and 256:
EARLY FIELD TRIAL Using the Address
Page 257 and 258:
EARLY FIELD TRIAL Using the Address
Page 259 and 260:
EARLY FIELD TRIAL SECTION 5 Reporti
Page 261 and 262:
EARLY FIELD TRIAL Running Reports O
Page 263 and 264:
EARLY FIELD TRIAL Table 12-1. Sprea
Page 265 and 266:
EARLY FIELD TRIAL Running Reports 4
Page 267 and 268:
EARLY FIELD TRIAL Index A About the
Page 269 and 270:
EARLY FIELD TRIAL Host Table, 212 m
Page 271 and 272:
EARLY FIELD TRIAL G General tab, 24
Page 273 and 274:
EARLY FIELD TRIAL option, 243 Mindi
Page 275 and 276:
EARLY FIELD TRIAL S S2DPalette.ini
Page 277:
EARLY FIELD TRIAL U Use Address Boo
show all

Sniffer Adaptive Application Analyzer: Adaptive Mode ... - NetScout

Create successful ePaper yourself

Delete template?

Save as template?