This is a static archive of our old Q&A Site. Please post any new questions and answers at ask.wireshark.org.

How to make a high level flow graph from a network capture

0
1

Hello, I have a network capture that contains all the exchanges between a device and some remote servers, there are a lot of exchanges, on different destinations, on different protocols (ntp, http, https, etc.) and I would like to build a Flow Graph but at a macro level, that shows only the interactions between my device and the remote servers. For instance one arrow that represents exchanges for NTP trafic between my device and destination A, if possible with FQDN and not with IP address, one arrow for HTTPS traffic exchanges with destination B, and so on. Is anybody knows how to achieve this ? Thanks in advance. Regards.

asked 18 Jan '16, 08:28

giraudeau's gravatar image

giraudeau
6122
accept rate: 0%

2 Answers:

0

Does ntop help here?

answered 18 Jan '16, 21:34

Jaap's gravatar image

Jaap ♦
11.7k16101
accept rate: 14%

0

See my answer to a very similar question:

https://ask.wireshark.org/questions/41185/how-can-i-draw-a-network-graph-with-wireshark

Plus:

http://visitrend.tumblr.com/post/127988124661/visitrend-vs-splunk-for-pcap-analytics

Regards
Kurt

answered 19 Jan '16, 07:26

Kurt%20Knochner's gravatar image

Kurt Knochner ♦
24.8k1039237
accept rate: 15%