Synergy


Synergy: The working together of two or more things to produce an effect greater than the sum of their individual effects. 

So says the dictionary, but more to the point, synergy is what happens when you use multiple OmniPeek plug-ins together. The effect is of course not limited to plug-ins; synergy is also found in the use of the many tightly integrated features like summary stats and graphs. But plug-ins greatly increase the effect of the built-in features, as well as the effect of each other.

For example, let's say that you want to capture the same packet from multiple locations on different segments of the network and compare certain properties, such as the delta times, window sizes, and hop counts. By using the Remote TCPDump Adapter Plug-in and the PeekPlayer Plug-in, you can capture from multiple remote sources and aggregate all of them into a single capture window, in real time. Along the way, you may have used a C Decoder Plug-in, the WebStats Plug-in, or any number of other plug-ins that customize the workflow to the specific needs of your business.
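The comparison described above can be sketched outside the product once the aggregated packets are exported. The following is an added example, not OmniPeek or plug-in code: the record layout, the segment names, and the `correlate` function are constructed for illustration, and it assumes synchronized capture clocks and no NAT between capture points.

```python
from collections import defaultdict

# Constructed sample records, one row per packet per capture point
# (assumed export layout, not an OmniPeek format):
# (point, time_s, src, dst, ip_id, sport, dport, tcp_seq, ttl, window)
RECORDS = [
    ("segA", 10.000100, "10.1.1.5", "10.3.3.9", 0x1A2B, 50312, 443, 1000, 64, 65535),
    ("segB", 10.000900, "10.1.1.5", "10.3.3.9", 0x1A2B, 50312, 443, 1000, 62, 65535),
    ("segC", 10.004300, "10.1.1.5", "10.3.3.9", 0x1A2B, 50312, 443, 1000, 61, 32768),
    ("segA", 10.010000, "10.1.1.5", "10.3.3.9", 0x1A2C, 50312, 443, 2460, 64, 65535),
    ("segC", 10.013900, "10.1.1.5", "10.3.3.9", 0x1A2C, 50312, 443, 2460, 61, 32768),
    ("segB", 10.020000, "10.3.3.9", "10.1.1.5", 0x7001, 443, 50312, 5000, 63, 29200),
]

def correlate(records):
    """Group sightings of the same packet and compare them point to point."""
    sightings = defaultdict(list)
    for point, ts, src, dst, ip_id, sport, dport, seq, ttl, win in records:
        # Fields that stay constant in transit (no NAT assumed) identify the packet.
        key = (src, dst, ip_id, sport, dport, seq)
        sightings[key].append((ts, point, ttl, win))
    results = []
    for key, seen in sightings.items():
        if len(seen) < 2:
            continue  # seen at one capture point only: nothing to compare
        seen.sort()  # order by capture time (synchronized clocks assumed)
        for (t0, p0, ttl0, w0), (t1, p1, ttl1, w1) in zip(seen, seen[1:]):
            results.append({
                "ip_id": key[2], "from": p0, "to": p1,
                "delta_ms": round((t1 - t0) * 1000, 3),
                "hops": ttl0 - ttl1,         # TTL drops by one per router crossed
                "window_changed": w0 != w1,  # differs only if a device rewrote it
            })
    return results

if __name__ == "__main__":
    for row in correlate(RECORDS):
        print(row)
```

A window size that differs between two sightings of the same packet is worth a second look, since it means a device in the path (a proxy or WAN optimizer, for example) modified the TCP header.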

Another example is using multiple RFGrabbers, where each one is capturing packets from a different channel, and using the PeekPlayer Plug-in to redirect all the packets into a single capture window. In this way you can see the Signal and Channel graphs for all of the channels being monitored in a single capture window. If you have not done this yet, give it a try. The PeekPlayer makes it possible to redirect packets from one capture window to another.

Finally, take the first example and add the SQLFilter to the aggregating capture window so that, as the packets are aggregated, they are indexed into a single database for post-capture data mining and forensics. In this case, we are using OmniPeek, the Remote TCPDump Adapter, the PeekPlayer, and the SQLFilter. You might also be using an expert logging plug-in, or any number of other plug-ins for filtering and processing the packets in the final capture window.

One of the advantages in these scenarios is the aggregation of multiple streams into a single capture window in real time. This makes it easier to analyze the data and saves the user the time it would have taken to manually aggregate the packets through PeekCat. The other advantage is being able to do most of the configuration once, on the aggregated capture window, instead of on every individual capture. Again, this improves the workflow and, as a result, saves the user time and money.

This is really all about improving workflow. And since workflows are different from business to business and network to network, the ability to customize OmniPeek sets it apart from other products that are not quite so configurable.

 
