USB Presenter Capture: Difference between revisions

This page describes how the Allegro Network Multimeter allows a user to start a capture with a USB presenter. This capture can be actioned 'Back in Time' for a defined period.

In addition, the capture files can be uploaded to an SFTP server at a defined time.

This feature has been designed to allow non-IT staff to record/initiate pcaps when an error occurs; it also allows for captures without opening a Web interface.

Use case example

An IT or VoIP service provider needs to troubleshoot intermittent issues at a (residential) customer.

The service provider is limited by time, resources and packet capture/data collection constraints (AVG, GDPR).

With the Allegro Network Multimeter "USB Capture trigger" functionality, a "fool proof" remote control is handed to the customer, with the instruction to press any button when the issue arrises.

A simple button press on the remote, will initiate a pre-configured capture (filter + duration) around the time of the "incident", e.g. from 60s before until 60s after the "incident".

As only packets around an issue are being recorded and saved as a pcap, the service provider needs not sift through huge amounts of data for root-cause analysis.

Also, there are little to no privacy implications, since the capture was end-customer initiated, pre-filtered and limited to short time-intervals only.

Requirements

This feature is supported by all Allegro Network Multimeters, even for the VM Version starting at firmware Release 3.0. It requires a free USB port on the Allegro with USB 2.0 or higher. One internal or external disk needs to be configured at Generic → Storage and a ring buffer must be configured. Please note that the capture is extracted from the ring buffer and a ring buffer filter rules for packet slicing will affect the exported pcap.

As of now, the Logitech R400 is supported. Allegro will add more presenters on request. An optional USB sound device will play a beep when a key has been pressed.

USB Capture Trigger Setup

Connect the Logitech R400 USB dongle with the Allegro. If you have a Virtual Edition Allegro, please pass-through the USB device directly to the Allegro VM.

Once this is done, navigate to the Settings -> Expert settings page and open the USB capture trigger.

Once any key has been pressed on the presenter, one pcap will be generated. The pcap end time is when the button has been pressed and the start time is defined by the capture interval. As example, an interval of 60 seconds will generate a capture of the last minute when a presenter key was pressed.

The captures are stored at the root directory of the storage device or, if enabled, in the upload directory for SFTP uploads.

SFTP Export Setup

The Allegro can automatically upload pcap files to an SFTP server from the upload directory on the disk. To configure it, please navigate to Settings → Remote Access and Export → Pcap export via SFTP. This allow to export all captured pcap files at a certain time of day. As example it can be used to transfer pcaps during the night from remote locations to a central SFTP server.

Advanced Multi-pcap Setup

There are situations where the Allegro shall record multiple separate pcaps for a key with specific filters. This can be done by enabling the USB capture filter in the USB capture trigger dialog. The filter syntax is described in the Capture module.

A good example is the installation of an Allegro 500 with 2 links and 2 virtual link groups ( see Virtual Link Group Configuration Guide), one before and one behind the firewall.

As a second example you can record pcaps of up to 4 different IP addresses at the same time with just one click.