Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

Application-level network monitoring/bandwidth tool for Unix/Mac OSX

Posted on 2006-06-12
4
Medium Priority
?
705 Views
Last Modified: 2013-11-13
Hi,

There are squillions of tools out there that provide traffic analysis on networks at the IP/Port level, but none that I can see that roll up to the "application" level (e.g., Firefox=10.4%, iChat=39.1%, Azureus=27.6%, ...)

Does anyone know of a tool that will show me dynamically:

a) A breakdown of bandwidth usage by Unix process (KB/sec incoming/outgoing), something perhaps like "top" does for processes
b) A breakdown by "application" (I guess somehow determing what processes are actually applications versus processes. This is likely OS specific, in which case I am searching for Mac OS X specifically)
c) A GUI based tool that provides this information. (X11 or preferably a Mac OS X native one)

The ideal tool would show dynamically bandwidth utilisation of a given application, say Firefox, through a network adapter, say en0 or whatever. The idea being simply to see at a glance which *apps* are chewing up the limited bandwidth of a broadband connection (as opposed to which TCP/IP port).

This is small fry stuff, so a free or inexpensive (say under $50) solution is required

Any help much appreciated. Points awarded to first really good suggestion that solves a,b,c  or split between the first few reasonable suggestions that give some of the above.

Thanks in advance
Sean
0
Comment
Question by:swatharow
  • 2
  • 2
4 Comments
 
LVL 3

Accepted Solution

by:
matheweis earned 1200 total points
ID: 16923496
Such a tool would be useful, unfortunately, I don't know that it can (at least reasonably) be done.

Here's a few clues to get you on track if you want to dive further into it:

Apart from the information provided by top, the only other process-level information that I know of requires process accounting to be turned on (accton from the command line) There's a program for UNIX out that tracks process accounting information called `atop`, but I've never seen a version for OS X.

Even if you do get `atop` working, it still doesn't track I/O. There's a kernel patch out there for UNIXes that will allow atop to track I/O; I have no idea how well it would work with OS X. Then, once you have the per-process I/O, you need would need to figure out how to seperate it file I/O from the network I/O.

Here's a list of all the (non-gui) programs I know of that will tell you some bit of useful system information (But still not per-process I/O) If you're up to it, most of them can be tapped into with AppleScript for a simpl GUI.

top (Running process)
lsof (Opening files and network sockets)
fs_usage (Running list of file system accesses)
vm_stat (Virtual memory statistics)
sc_calls (Running list of system calls)
iostat (Data read and written from drives)
netstat (Active 'net connections)
accton (Process accounting)

You can look at man [process-name] for more info on each of these.
0
 

Author Comment

by:swatharow
ID: 16948059
OK, thanks. I guess I'll just work with those programs and see what I can do. It must be possible because there's a program for the Mac called Little Snitch that intercepts Internet I/O on an application by application basis. So somehow you are clearly able to link network activities to an application, presumably including the volume of traffic.

Since there are no other responses to this, I'll pass the points on to you.

Thanks.
0
 
LVL 3

Expert Comment

by:matheweis
ID: 16948139
swartharow - Thanks for the points.

As seen in the Little Snitch FAQ (http://www.obdev.at/products/littlesnitch/faq.html), they use a proprietary kernel extension to track network activity on a per-application basis. Once you get into writing your own kernel extensions, well, there's not much limit to what can be done.

Sorry we couldn't find what you were looking for... Again, as far as I know, there's nothing really that can do it on the OS X side. What you're really looking for, I think, is an OS X equivalent to the PC program Net Monitor.

You might also try asking the writers of Little Snitch if they are planning on incorporating that ability into future versions of the software. Since they've already written the kernel extensions, it might not be that difficult to add that capability. Worth a try at least.
0
 

Author Comment

by:swatharow
ID: 16948161
Great. Thanks for all the info. I might ask the Little Snitch people what their plans are.
0

Featured Post

Free Tool: ZipGrep

ZipGrep is a utility that can list and search zip (.war, .ear, .jar, etc) archives for text patterns, without the need to extract the archive's contents.

One of a set of tools we're offering as a way to say thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

SUMMARY Enterprise backup in a heterogeneous network is a subject full of complications and restrictions. Issues such as filename & path structure, attributes and extended metadata always tend to complicate the subject to the extent where either …
Worried about if Apple can protect your documents, photos, and everything else that gets stored in iCloud? Read on to find out what Apple really uses to make things secure.
Video by: ITPro.TV
In this episode Don builds upon the troubleshooting techniques by demonstrating how to properly monitor a vSphere deployment to detect problems before they occur. He begins the show using tools found within the vSphere suite as ends the show demonst…
Despite its rising prevalence in the business world, "the cloud" is still misunderstood. Some companies still believe common misconceptions about lack of security in cloud solutions and many misuses of cloud storage options still occur every day. …
Suggested Courses

972 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question