Chapter 6 – Capturing Network Data for Analysis

This chapter covers capturing data and saving it for analysis, and discusses how to save and archive capture files for logging and/or future baselining. Using Sniffer Pro to capture traffic is one of the fastest ways to obtain a complete picture of what is happening on the network, analyze the captured information, and resolve the issue. It is also possible to capture traffic, experiment with it, and analyze in a test environment how the network would react to specific groups of data. Besides the ability to capture all the data flowing on the network, Sniffer Pro has broad filtering capabilities that greatly facilitate troubleshooting on highly loaded networks. Once the data has been captured, the main task before analysis is to save the capture correctly. Captures can be saved manually or automatically, whichever is more convenient. The chapter also covers the specifics of capturing data and the capture and analysis of Address Resolution Protocol (ARP), Internet Control Message Protocol (ICMP), Transmission Control Protocol (TCP), and User Datagram Protocol (UDP) traffic.