|
Viewing your Statistics File |
The statistics gathered by Distinct Network Monitor can be viewed by clicking on the various topics in the left window of the Statistics.
|
|
All IP Traffic |
When viewing the All IP Traffic window you will see a graph showing the top 10 talkers in the top window. The bottom window lists all the IP addresses that are active on this network segment. Next to each IP address you will see:
- The IP type – this may be L for local subnet, 0 for outside of this subnet, B for broadcast and M for multicast.
- The system name
- The number of bytes/packets sent by the system
- The number of bytes/packets received by the system
- The total number of bytes/packets sent and received by the system.
To get more detailed information about the traffic for a particular IP address you need to click on that address. This will show you a detailed breakdown of the different protocols that the particular system has received or sent.
To find out which systems this particular IP address has been communicating with for any of the listed protocols, click on the protocol. This will show you the complete list of IP addresses that the system has been talking to, showing the bytes and packets sent and received.
To go back one level just click on the little blue arrow button in the toolbar or right-click the mouse button to select Go Back.
|
|
WhoIs |
We have built in automated WhoIs queries for you to quickly find out who is the registered owner of any particular IP address or domain name that one of your systems is talking to. To find this out position your mouse on the IP address in question and click on the right mouse button and choose WhoIs. This will display the registration information for the particular IP and the name of the WhoIs server that was queried for the information.
Note: If the system listed is not on the same hub, the traffic numbers do not indicate the total traffic for that system, but just the traffic created between it and other systems on the hub or switch being monitored.
|
|
Application Protocols |
This displays the traffic distribution by protocol for all traffic that was captured through the specified system.
It shows the list of application protocols showing how many bytes/packets were sent and received for each protocol. Protocols are identified by port number.
To view which IP addresses generated the packets for a particular protocol, click on the protocol name in the first column. This will show the list of IP addresses that generated the traffic and the IP addresses that they were communicating with. To move back one level click on the left arrow button in the toolbar or right-click the mouse button to choose Go Back.
|
|
Network Protocols |
This section shows the list of level three protocols such as IP and Netbeui showing the total number of bytes and packets transmitted for each one. To find out which systems generated the packets for a specific protocol, click on the protocol. This will provide a list of all the local MAC addresses involved in the traffic generation. Note that all packets that are received from outside the subnet will show up as being sent by the router and all packets being sent outside of the subnet will show up as being sent to the router.
|
|
IP Protocols |
This section lists the IP protocols and the total number of bytes and packets transmitted for each one.
|
|
MAC Traffic |
This section shows the list of MAC addresses that are active on the local subnet where the monitor is running. For each hardware address the following are displayed:
- IP address
- Bytes Sent
- Bytes Received
- Total Bytes
- Packets Sent
- Packets Received
- Total Packets
This includes all packets whether IP or otherwise that are over Ethernet or Token Ring and may include packets that are not parsed by the Network Monitor.
To get more detailed information on the traffic generated to and from a particular hardware address, click on it. You will see a list of protocols, ports and the number of bytes and packets sent and received. To go back one level click the left arrow.
|
|
Bandwidth |
Bandwidth usage over the specified time period using the number of samples specified. The time and sample size is defined by selecting the Statistics option in the Configure menu.
|
|
Packet Sizes |
This section provides an analysis of Packet size distribution showing the number of packets transmitted in various size ranges.
|
|
Adapter Statistics |
This window shows all the statistics that were reported by the NIC driver for the duration of the capture. The statistics displayed depend on the NIC driver. The errors shown here give you an idea on the state of the network segment being monitored.
|
|
General Statistics |
The following gives an explanation of each statistic in this category. If the NIC driver does not return the statistic, you will see n/a in the list.
Frames not transmitted or transmitted with errors shows the total number of packets transmitted with errors during the time that the network trace was on.
Frames received with errors shows the total number of packets received with errors during the time that the network trace was on.
Frames Missed, No Buffers shows the total number of packets that the NIC cannot receive due to lack of NIC receive buffer space.
Frames received with CRC or FCS errors are the packets received with cyclic redundancy check (CRC) or frame check sequence (FCS) error.
Directed frames/bytes transmitted without errors are the total number of packets that were transmitted directed to a specific IP address
Multicast frames/bytes transmitted without errors are the total number of multicast packets transmitted with no errors. A multicast packet contains a multicast group address in the destination address field of the IP header. Although there may be thousands of intended recipients only one given copy of a packet is generated at source, unlike a unicast packet, which would generate a copy for each recipient.
Broadcast frames/bytes transmitted without errors are the total number of broadcast packets transmitted with no errors.
Directed frames/bytes received without errors are the total number of packets received with the destination IP address in the header.
Multicast frames/bytes received without errors are the total number of multicast packets received with no errors.
Broadcast frames/bytes received without errors are the total number of broadcast packets received with no errors.
Length of transmit queue specifies the number of packets that are currently queued for transmission, on the NIC or in the driver’s-internal queue.
|
|
Ethernet Statistics |
The following describes what each Ethernet statistic reported means. If the NIC driver does not return the statistic, you will see n/a in the list.
Frames received with alignment Errors are the total number of packets received with alignment errors. Alignment errors usually occur when large amounts of data are transferred. Their presence usually indicates an error in the NIC board settings for FIFO threshold.
Frames transmitted with one collision are the total number of packets that are involved in a single collision and subsequently successfully transmitted. Their presence indicates that the network has light to moderate traffic. If this number exceeds 2% of the total transmit packets, this generally means overutilization of the network and is likely to affect the adapter performance.
Frames transmitted with more than one collision are the total number of packets involved in multiple collisions but which are subsequently transmitted successfully
Frames not received due to overrun are the total number of packets that were not transmitted due to an overrun condition. This error may be caused by a receive threshold that is too high.
Frames not transmitted due to underrun are the total number of packets that were not transmitted due to an underrun condition on the NIC.
Frames transmitted with heartbeat failure are the total number of frames successfully transmitted without detection of the collision-detect heartbeat.
Times carrier sense signal loss during transmission are the number of times that the carrier sense signal was lost during transmission.
Late Collisions Detected are the number of collisions detected after the normal window.
|
|
Summary |
Summary of the statistics recorded during the session and shows whether the Network Monitor driver dropped any packets.
|
|
Creating Reports |
To create a report of the statistics for a particular capture, select Statistics from the Reports menu and then select the format for your report. You may save the report as an HTML document or in csv format if you intend to import the data into a database.
Reports are saved to the Reports folder under the Network Monitor folder. You may change the folder in which to save your reports by changing the Report Folder path in the Statistics Settings configuration tab.
To generate a report:
- Make sure that the Statistics file or files for which you wish to generate the report are open.
- Select Statistics from the Reports menu, then select the type of report you wish to create, html or csv.
- The first time you create a report you will get the opportunity to choose your default folder in which to save your reports or accept the one created by the application. All subsequent reports will be created in the same folder. You may change this folder at any time by editing the entry in the Statistics Settings configuration tab.
- If you currently have more than one report open, you will be asked to select which of the open statistics files you wish to create reports for. Select the files by clicking on them, then click OK to proceed.
- Now you need to select whether you wish to create your report with all the available statistics or just for select statistics such as the IP statistics only. To deselect an entry just click on it. You can reselect entries by clicking on them again.
- Click OK to generate the report. If you are generating a single report, you will be asked if you wish to open it once it is generated. If you are generating multiple reports, they will be automatically appended to the Reports menu. You can open them directly from there. This menu will contain the last 10 reports generated.
|
<<< Table of Contents >>> | |