Hi, I am wondering what types of data visualization options Wireshark offers beyond IO and Flow graphs. It would be nice to have a "birds-eye view" option in the Statistics menu that let you see network traffic as a true network in link diagram form. And perhaps be able to dynamically change the network diagram in response to arbitrary BPF. It is much easier to catch odd / interesting network behavior when looking at the data this way. A while back I wrote up a crude POC of this in Perl: see https://sourceforge.net/projects/netxtract/. I find very useful , but the workflow to generate the graphs is very inefficient and ideally the graph would be displayed directly by some in-built Wireshark engine. Is this something other people would find interesting enough for me to begin working on? Thanks,- dorklord. asked 01 Apr '12, 04:54 dorklord edited 01 Apr '12, 11:06 helloworld |
2 Answers:
This isn't really a suitable question for Ask Wireshark. The best thing to do is check the Wireshark Bug Tracker for any similar requests, and if there is one add your comments to it, else create a new enhancement request. Discussions about any such enhancement would then occur on the developers mailing list. answered 01 Apr '12, 08:30 grahamb ♦ |
Check out WireViz (a Google Summer of Code 2011 project), which has a pretty straightforward workflow. The user accesses WireViz through a Wireshark menu. This was announced on the Wireshark developers mailing list last year. answered 01 Apr '12, 11:05 helloworld Cool! Kinda does something similar but graphviz isn't interactive like pajek is. But thanks I'll look at the code whichll probably save me a lot of time figuring out the API, thanks (01 Apr '12, 14:37) dorklord |
enhancement request submitted