[BBLISA] statistical analysis of packet capture files

Rob Taylor rgt at wi.mit.edu
Mon Aug 24 13:52:49 EDT 2015


Do you have any kind of monitoring system in place that can poll stats over time
from any of the respective devices? MRTG, Cacti, Zenoss?
What exactly does "slow" mean? Everything network-related is slow, internet access is slow,
file services are slow, etc.
Are you experiencing unusually high packet loss? 
Do you have any hosts you can run some empirical tests from when the issue occurs?
How often does it happen? I know you said random, but is that once a week, twice a day, etc.

If you have a spare Windows box kicking around, PRTG is now free for up to 100 sensors,
which would be a quick way to get some SNMP or WMI monitoring going.
It can also do some active monitoring like pinging or HTTP GETs as well.

rgt

Whitehead Network/System Administrator

----- Original Message -----
> 
> Our situation is that our network becomes slow at random times. We have
> looked at obvious things to look at, like the IO utilization and CPU and
> memory on the file server and we have attempted to look for error rates
> on switches, with no obvious useful result.
> 
> What I would like to do is have one or more packet capture files from
> when the network is running smoothly, and then one or more samples from
> when it is not, and some sort of software to compare them statistically.
> Maybe it would produce a report of the types of packets whose frequency
> changed the most.
> 
> Surely something like this must exist? It is conceptually
> (mathematically?) similar to bayesian spam detection, I would think.
> 
>   - Alex
>
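The comparison asked about in the quoted message, sketched as an added example (not part of the original thread and not an existing tool): it labels each frame in a "good" and a "bad" capture and ranks the labels by how much their share of traffic changed. Assumptions: classic little-endian pcap files with Ethernet framing, the lower port number taken as the service port, add-one smoothing (`alpha`), and constructed sample captures; all function names are hypothetical.

```python
import math, struct
from collections import Counter

def read_pcap(data):
    """Yield raw frames from classic little-endian pcap bytes."""
    if data[:4] != b"\xd4\xc3\xb2\xa1":
        raise ValueError("not a little-endian microsecond pcap")
    off = 24                                    # skip the global header
    while off + 16 <= len(data):
        incl_len = struct.unpack_from("<I", data, off + 8)[0]
        yield data[off + 16:off + 16 + incl_len]
        off += 16 + incl_len                    # record header + captured bytes

def classify(frame):
    """Label a frame, e.g. 'arp', 'tcp/445', 'udp/53' (lower port = service, a heuristic)."""
    if len(frame) < 14:
        return "short"
    ethertype = struct.unpack_from("!H", frame, 12)[0]
    if ethertype != 0x0800 or len(frame) < 34:
        return "arp" if ethertype == 0x0806 else "ether-0x%04x" % ethertype
    ihl, proto = (frame[14] & 0x0F) * 4, frame[23]
    if proto in (6, 17) and len(frame) >= 14 + ihl + 4:
        sport, dport = struct.unpack_from("!HH", frame, 14 + ihl)
        return "%s/%d" % ("tcp" if proto == 6 else "udp", min(sport, dport))
    return "ip-proto-%d" % proto

def compare(good, bad, alpha=1.0):
    """Return (log_ratio, label, n_good, n_bad), largest change in traffic share first."""
    g, b = Counter(map(classify, good)), Counter(map(classify, bad))
    labels = set(g) | set(b)
    gt = sum(g.values()) + alpha * len(labels)  # smoothed totals, so a label absent
    bt = sum(b.values()) + alpha * len(labels)  # from one capture gives a finite score
    ratio = lambda l: math.log(((b[l] + alpha) / bt) / ((g[l] + alpha) / gt))
    return sorted(((ratio(l), l, g[l], b[l]) for l in labels), key=lambda s: -abs(s[0]))

def sample_pcap(counts):
    """Constructed test data: pcap bytes holding counts[(ip_proto, port)] IPv4 frames."""
    out = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)
    for (proto, port), n in counts.items():
        f = (b"\0" * 12 + b"\x08\x00\x45" + b"\0" * 8 + bytes([proto])
             + b"\0" * 10 + struct.pack("!HH", 40000, port))
        out += (struct.pack("<IIII", 0, 0, len(f), len(f)) + f) * n
    return out

GOOD = sample_pcap({(6, 445): 60, (17, 53): 30, (6, 80): 10})
BAD = sample_pcap({(6, 445): 55, (17, 53): 30, (6, 80): 10, (17, 137): 105})

if __name__ == "__main__":
    for score, label, n_good, n_bad in compare(read_pcap(GOOD), read_pcap(BAD)):
        print("%-10s good=%4d bad=%4d log-ratio=%+.2f" % (label, n_good, n_bad, score))
```

On the constructed data the `udp/137` label, absent from the good capture, ranks first; on real captures, compare samples of similar duration so the shares are comparable.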
