Introducing Compass: Using Utilization Statistics for Network Forensics

The holy grail of effective network troubleshooting is the ability to pinpoint issues quickly so that they can be fixed. Any approach that streamlines this part of network analysis means more uptime and healthier networks over the long run.

Here’s a suggestion: instead of loading all packets, save time by first using utilization statistics about network traffic to find clues that answer questions like “What happened?”, “When?” and “Who did it?” Only then decide which slice of time deserves deeper network analysis.

To this end, WildPackets is releasing Compass, a freely available interactive forensics dashboard for the OmniPeek Network Analyzer. Compass’ dashboard graph (see screenshot) allows users to select specific time periods for analysis, add and remove nodes and protocols to the same graph, and compare and correlate these for different periods of time, over long periods of time.

In some cases, seeing the utilization in the Compass graph for the nodes and/or protocols in question may solve the problem. Otherwise, once a slice of time has been selected, the packets for just that slice of time can be loaded into OmniPeek by hitting the “Load Packets” button. If that slice wasn’t the problem, just go back to the graph, slide the time window, and load a different slice of packets.
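The statistics-first workflow described above, as an added Python sketch that is not Compass or OmniPeek code: it buckets per-node and per-protocol byte counts over time, picks the slice around the peak, and only then pulls the records for that slice. The record layout, the function names, the 3x-median threshold and the sample data are all assumptions made for this example.

```python
from collections import defaultdict
from statistics import median

def utilization(records, bucket=60, node=None, protocol=None):
    """Bytes per time bucket, optionally filtered to one node and/or protocol."""
    series = defaultdict(int)
    for ts, src, proto, nbytes in records:
        if node in (None, src) and protocol in (None, proto):
            series[ts - ts % bucket] += nbytes
    return dict(series)

def busiest_slice(series, bucket=60, factor=3):
    """Contiguous buckets around the peak exceeding factor x median, or None."""
    if not series:
        return None
    limit = factor * median(series.values())
    peak = max(series, key=series.get)
    if series[peak] <= limit:
        return None  # flat utilization: nothing stands out for this filter
    start = end = peak
    while series.get(start - bucket, 0) > limit:
        start -= bucket
    while series.get(end + bucket, 0) > limit:
        end += bucket
    return start, end + bucket  # half-open interval [start, end)

def load_slice(records, start, end):
    """Return only the records inside the chosen time window."""
    return [r for r in records if start <= r[0] < end]

def top_talkers(records):
    """(node, protocol) pairs ranked by bytes: the 'who did it' view."""
    totals = defaultdict(int)
    for _, src, proto, nbytes in records:
        totals[(src, proto)] += nbytes
    return sorted(totals.items(), key=lambda kv: kv[1], reverse=True)

# Constructed sample: (seconds, node, protocol, bytes) over ten minutes,
# with a burst from one node during minutes 6 and 7. Not real capture data.
RECORDS = []
for m in range(10):
    RECORDS.append((m * 60 + 5, "10.0.0.5", "HTTP", 1000))
    RECORDS.append((m * 60 + 25, "10.0.0.9", "DNS", 200))
    if m in (6, 7):
        RECORDS.append((m * 60 + 35, "10.0.0.9", "SMB", 50000))

if __name__ == "__main__":
    window = busiest_slice(utilization(RECORDS))
    print("slice:", window)
    print("top talkers:", top_talkers(load_slice(RECORDS, *window))[:3])
```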

