Hi What is the best way to view the difference between several captured graphs? Wireshark only display one graph at a time – how can I compare? Thanks asked 30 Oct '10, 08:38  jonesKon |
4 Answers:
Way back when, I used to use tcptrace and jplot. It took a little work to get it going but it fit my needs at the time. I also played around with "http://www.packetbone.com/Applications/Excel.htm" a while back. It wasn't too bad, but I found that Wireshark gave me most of what I need. When built in (graphing) capabilities are exceeded, I usually turn to 1) Cace's Pilot. AWESOME AWESOME tool! Good luck. Hansang answered 01 Nov '10, 15:34  hansangb |
Which graphs do you want to compare? You can (at least on a Windows host) open multiple graphs simultaneously - e.g., open the IO graph and then toggle back to Wireshark to open the TCP Time-Sequence graph. By toggling you can place them side-by-side. If you want to compare IO or TCP Time-Sequence graphs of two different trace files, open two instances of Wireshark and graph in each instance. If, however, you want to compare two traffic elements, such as all HTTP traffic to FTP traffic, you can add graph lines to a single IO or advanced IO graph. If you are interested in the TCP Time-Sequence graph of two conversations in a single trace file, you'll need to separate them into separate trace files - conversation filter them each out into separate files and open in separate Wireshark instances. answered 30 Oct '10, 10:54  lchappell ♦ edited 30 Oct '10, 10:55 |
hi You can have a look at this answer: http://www.mail-archive.com/[email protected]/msg12342.html Or use the following application which does this also: http://www.softpedia.com/get/Network-Tools/Network-Testing/CapsGraph.shtml answered 31 Oct '10, 03:50  ron |
Wouldn’t two monitors and two instances of wireshark be the best way to go? answered 01 Nov '10, 13:12  net_tech |
