I'm new to Wireshark and I want to be able to take the measure of our File Server bandwidth utilisation for a possible move into a remote location. So I want to capture (by port miroring) on a week my file server.
For testing purpose I start a capture excluding broadcast and multicast packets, in files with a 5 minutes rotation for a couples of hour. My problem is that I will rapidly run out of disk space.
What is the best way to measure bandwidth without catching all gigabytes and terabytes data exchange on that server ?
asked 15 Jun '12, 12:31
You should not capture with wireshark or tshark, as they will build internal state while dissecting data.
I suggest this:
answered 15 Jun '12, 14:13
Kurt Knochner ♦
edited 16 Jun '12, 01:39
I wouldn't use wireshark for this task. I would use SNMP to read the port statistics of the switch to which the fileserver is connected (or read the WMI stats from the server itself through SNMP).
One nice little SNMP tool is STG (freeware)
UPDATE: I totally forgot to mention the blogpost I wrote a while ago on how to use STG.
answered 16 Jun '12, 04:51
edited 16 Jun '12, 04:53