Response time analysis: Difference between revisions

:Each pattern consists of the following fields to describe it:

:Data: This is the actual data string that is searched for within the packet's layer 7 payload.
:It is either searched as is (in case of the “string” data type) or converted from a hexadecimal representation.
:Data type: The drop-down box lets you select either “string”, which is a direct representation of the data, or “hexadecimal”, which is the byte-wise hexadecimal representation of the data.

:Pos: This defines at which byte location the data should be searched for. It can be a single number, which means exactly this position within the layer 7 payload.
:It can also be a range, meaning the data should be searched for within that interval of bytes. The start value of the range is inclusive, while the end value is exclusive.

* 0-10: the data must be found within the first 10 bytes of data (that is byte 0 to byte 9).

:Join command: Except for the first pattern, each pattern can be connected with the previous one by choosing the appropriate join command.
:The list is evaluated left to right without any priority, so '''AND''' and '''OR''' can be mixed carefully to build complex expressions.
:Either the pattern must match together with the previous one ('''AND''' operation), or either the previous or the current pattern must match ('''OR''' operation).

'''Pattern examples:'''

:data: HELLO
:data type: string
:pos: 0

'''Meaning: The pattern only applies if the text “HELLO” is found exactly at the start of the payload data.'''

:data: 8779827668
:data type: hexadecimal
:pos: 10-20
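
The matching rules described above (data type, single position or range, and left-to-right joins), sketched in Python as an added example. This is not code from the product: the class and function names, the Latin-1 encoding of “string” data, and the rule that a match must lie entirely inside a range are assumptions.

```python
from dataclasses import dataclass

@dataclass
class Pattern:
    data: str           # "Data" field exactly as entered
    data_type: str      # "string" or "hexadecimal"
    pos: str            # "N" (exact offset) or "START-END" (END exclusive)
    join: str = "AND"   # join with the previous pattern; unused for the first

def needle(p):
    """Return the bytes to look for in the layer 7 payload."""
    if p.data_type == "hexadecimal":
        return bytes.fromhex(p.data)
    # Assumption: "string" data is compared as its Latin-1 bytes.
    return p.data.encode("latin-1")

def pattern_matches(p, payload):
    data = needle(p)
    if "-" in p.pos:
        start, end = (int(x) for x in p.pos.split("-"))
        # Assumption: the whole match must lie inside [start, end).
        return payload.find(data, start, end) != -1
    # Single number: the data must sit exactly at this offset.
    return payload.startswith(data, int(p.pos))

def evaluate(patterns, payload):
    """Strict left-to-right evaluation; AND and OR have equal priority."""
    result = pattern_matches(patterns[0], payload)
    for p in patterns[1:]:
        hit = pattern_matches(p, payload)
        result = (result and hit) if p.join == "AND" else (result or hit)
    return result

# Constructed sample payloads (not taken from real traffic).
HELLO_PAYLOAD = b"HELLO server v1"
HEX_PAYLOAD = b"\x00" * 12 + bytes.fromhex("8779827668") + b"\x00" * 4

hello = Pattern("HELLO", "string", "0")
hexpat = Pattern("8779827668", "hexadecimal", "10-20")

# HELLO OR BYE AND v2 is read as (HELLO OR BYE) AND v2, so it fails here,
# although conventional precedence, HELLO OR (BYE AND v2), would match.
MIXED = [hello,
         Pattern("BYE", "string", "0", join="OR"),
         Pattern("v2", "string", "0-15", join="AND")]
```

Because the joins carry no precedence, the order of the pattern list changes the result; put the patterns that should be grouped next to each other.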