Hi, Do we have any specific filter to use to find response times for an HTTP call to/from specific ip. Thanks, asked 09 Oct '12, 15:16  dvsrk edited 09 Oct '12, 22:40  Guy Harris ♦♦ |
One Answer:
"call" in what sense? Voice over IP phone call? HTTP request/response call? ONC RPC or DCE RPC or CORBA or... call? There's no way to determine calls and responses at the IP or TCP layer, so call/response times have to be determined at the call/response protocol layer. Several dissectors for Wireshark do match calls and responses, and provide response times; the time for a particular call will show up in the protocol details for the response, and some statistics for all calls and responses for some protocols are available under the "Service response time" submenu of the "Statistics" menu. Unfortunately, there is currently no request/response tracking for HTTP, so the best you can do is to look at the HTTP requests and replies, match them up yourself, and compute the difference between the request and response packet time stamps yourself. You might want to file a bug at the Wireshark Bugzilla requesting that HTTP request/response tracking be added as a feature. answered 09 Oct '12, 18:42 Guy Harris ♦♦ edited 09 Oct '12, 22:43 |
It's my apology to be not clear. I'm referring to HTTP req/resp call. Is there any way we can track down using wireshark.
I want to track down the calls from specific ip which are taking greater then 1 sec. Anyway possible using wireshark ?
Thanks.
Not easily, unfortunately. I've updated my answer to reflect that and give more details.
There's already an enhancement bug asking for HTTP response times: bug 7394.