In LanHound, I used to... In Observer...



use the Host Chart to show how much traffic each station is generating. The Host Table displays active hosts along with OSI Layer 2 (MAC) or OSI Layer 3 (IP) information.

the Host Chart and Host Tables are combined into a single view. The Top Talkers display provides the same information plus lets you drill down for more detailed station-level information.

Observer’s Top Talkers quickly and clearly shows who is using network bandwidth and whether a particular user, station, or application is consuming more network bandwidth than it should.

  • View traffic patterns
  • Detect faulty hardware
  • Determine bandwidth usage by system

the packet capture window shows packet header information. The packet capture decode window provides decode information and raw data. Header information is supplied on a separate screen.

information that is displayed in separate LanHound windows has been consolidated into a single view. The industry-standard three-pane Decode Display in Observer shows complete packet information, including:

  • Packet header information
  • Decode information
  • Raw packet display pane

The Decode Display also shows the number of packets currently in the buffer, the first packet in and the last packet out. A variety of shortcut keys allow for quick and easy navigation inside the Decode Display.

the TCP UDP Chart provides a graphical representation of current protocols being used on the network, including historical and “real-time” sampled data. The TCP UDP Port Table provides a spreadsheet format of protocols being used on the network.

these two views have been combined into a single view. Protocol Distribution provides more than a list of protocols; it also lists server activity for recognized applications and bandwidth utilization statistics. This will let you quickly identify misconfigured servers and applications that don't belong on the network.

the Traffic Matrix chart shows what proportion of network traffic is associated with pairs of connected workstations.

the Traffic Monitor shows connections between all monitored stations, refreshed at one-second intervals.

simply open Internet Observer. From here, select the IP Pairs Matrix tab. Observer’s IP Pairs Matrix provides the same information, displaying true layer 3 IP address-to-address traffic. This shows what segments are using the Internet, and helps you to understand traffic patterns.

IP Pairs Matrix shows Internet usage by station along with traffic levels, even if users are downstream from the backbone. By right-clicking within the matrix, you can start a packet capture on any connection of interest.

you can set alarms to trigger when specific conditions occur under the TCP/UDP tabs of the Statistics sub-panel.

the Triggers and Alarms functionality provides a more sophisticated ability to set triggers on multiple types of events using Boolean logic (and, or, exclusive or). In addition, you can configure the alarms to automatically notify you via e-mail or pager.

Observer’s main window conveniently displays triggers and alarms in the forefront, allowing a quick check on current alarms and associated activity. Alarms can be set from a pre-defined list or based on custom filters. Run alarms for specific VoIP conditions, WLAN activity, or other critical network changes. Multiple activities can be executed for any alarm including:

  • Pop-up message windows
  • Activate captures
  • Start/append logs
  • Print trouble tickets
  • Execute external programs
  • Send an e-mail or pager message

a user can start a packet capture based on a specific event.

you can set triggers for a variety of functions. You can program Observer to start a packet capture or respond with any of a number of system actions when an alarm has been triggered.

a pre-capture filter can be set for protocols, station addresses, specific protocol ports, MAC addresses, etc.

In LanHound, display filters are filters that are applied to currently displayed information. With Observer, you can post-filter on any packet capture, which applies to the whole buffer rather than just the currently displayed screen. This allows you to quickly page and search through filtered data, rather than having to re-apply the display filter each time you page to a new screen.

Observer allows you to filter in a number of ways: pre-filter, post-filter, and fast post-filter.

You can pre-filter traffic before it is loaded into system memory, thus allowing you to run very long packet captures when you are focused on a particular type of traffic. You can also set post-filters when loading previously captured buffers, allowing you to quickly find information in very large files. Whether you are running a live packet capture or examining a buffer file, you can invoke the fast post-filter option to quickly pare the buffer down to the packet(s) you are interested in.