Pcap analysis module: Difference between revisions
No edit summary |
No edit summary |
||
| Line 1: | Line 1: | ||
The pcap analysis module allows analyzing pcap files by sending them to the device. After analyzing the pcap, the web interface shows all the metadata as if the packets are live traffic at the time of the pcap recording. | The pcap analysis module allows analyzing pcap files by sending them to the device. After analyzing the pcap, the web interface shows all the metadata as if the packets are live traffic at the time of the pcap recording. | ||
'''Web Interface''' | '''Web Interface''' | ||
| Line 9: | Line 8: | ||
[[File:Pcap.png|1000px|none]] | [[File:Pcap.png|1000px|none]] | ||
|} | |} | ||
====Notes==== | ====Notes==== | ||
Starting pcap analyze will stop the network ports and thus the normal packet processing and forwarding is disabled. The network connections of the devices connected to the Multimeter will stop working. | Starting pcap analyze will stop the network ports and thus the normal packet processing and forwarding is disabled. The network connections of the devices connected to the Multimeter will stop working. | ||
==== Start new Upload==== | ==== Start new Upload==== | ||
| Line 27: | Line 22: | ||
The pcap file itself will not be stored on the storage of the Multimeter (except in the packet ring buffer, if activated in the upload modal dialog). | The pcap file itself will not be stored on the storage of the Multimeter (except in the packet ring buffer, if activated in the upload modal dialog). | ||
==== PCAP analysis statistics==== | ==== PCAP analysis statistics==== | ||
| Line 34: | Line 27: | ||
processed packet. When viewing the progress bar on a different tab or on a different browser, the progress bar | processed packet. When viewing the progress bar on a different tab or on a different browser, the progress bar | ||
will not show the correct value. | will not show the correct value. | ||
==== Viewing the pcap metadata==== | ==== Viewing the pcap metadata==== | ||
During and after the upload of the file, all modules will show the metadata produced by analyzing the packets in the pcap file. | During and after the upload of the file, all modules will show the metadata produced by analyzing the packets in the pcap file. | ||
==== Resuming normal operation==== | ==== Resuming normal operation==== | ||
After finishing the analysis, the processing can be set back to live mode by clicking the '''Resume normal operation''' button at the bottom of the page. | After finishing the analysis, the processing can be set back to live mode by clicking the '''Resume normal operation''' button at the bottom of the page. | ||
Revision as of 13:58, 20 August 2020
The pcap analysis module allows analyzing pcap files by sending them to the device. After analyzing the pcap, the web interface shows all the metadata as if the packets are live traffic at the time of the pcap recording.
Web Interface
 |
Notes
Starting pcap analyze will stop the network ports and thus the normal packet processing and forwarding is disabled. The network connections of the devices connected to the Multimeter will stop working.
Start new Upload
To select a file to analyze, simply drag a file from your file manager to the drop zone. The second option is to click into the drop zone. After a click, a file selection dialog will open. After selecting a file, the name and the size of the pcap will be displayed in the drop zone box.
To proceed, press the Upload and analyze pcap button. A modal dialog will open.
- A warning will be shown if the device is in bridge mode, since no more packets will be forwarded when starting pcap analyze mode.
- If a storage device is active, it is possible to buffer the packets on it. This allows simple extraction of packets as in live packet processing.
The pcap file itself will not be stored on the storage of the Multimeter (except in the packet ring buffer, if activated in the upload modal dialog).
PCAP analysis statistics
After the upload started, a progress section will be displayed. This includes a progress bar and the time of the last processed packet. When viewing the progress bar on a different tab or on a different browser, the progress bar will not show the correct value.
Viewing the pcap metadata
During and after the upload of the file, all modules will show the metadata produced by analyzing the packets in the pcap file.
Resuming normal operation
After finishing the analysis, the processing can be set back to live mode by clicking the Resume normal operation button at the bottom of the page.