When you have captured very large quantities of network traffic, it is difficult to know where to start your analysis for troubleshooting. You can either open individual trace files one at a time or run a time-consuming forensics search. Both techniques assume you have an idea about what to search for. The problem is, often times, you are clueless.
Our solution to this problem is Compass, a free interactive network forensics dashboard utility. Compass displays network utilization over time, including top nodes and protocols, from both OmniPeek network analyzer pkt files, as well as pcap files created from WireShark and other packet capture software. This insight and visibility into both the wired and wireless networks, allows network engineers to add and remove nodes and protocols and correlate these over different periods of time. With these capabilities, users can save time by determining which time segments require deeper network analysis.
Other major functionality of Compass enables you to
• Interact with statistics for network forensics
• Visually select statistics specific to a period of time
• Easily switch statistics between packets and bytes
• Easily alternate granularity between seconds and milliseconds
• Generate highly visual WYSIWYG reports on the fly
• Analyze both wired and wireless packets
The crux of having effective network troubleshooting is the ability to identify issues quickly and fix problems immediately. The visibility of Compass solves these problems by targeting exact time frames that need a deeper packet analysis, which in turn gives your network more uptime.