?
Solved

Wireshark flow graph

Posted on 2011-10-13
4
Medium Priority
?
700 Views
Last Modified: 2012-05-12
In the flow graph pane there are ip addresses at the top with arrows between them.

Some errors go off the screen to the right and don't show the other endpoint.

Are the ip addresses displayed at the top the hosts sending the most data and then the hosts not sending as much data are not shown at the top and get pushed off the screen to the right?



0
Comment
Question by:Dragon0x40
  • 2
4 Comments
 
LVL 17

Accepted Solution

by:
jburgaard earned 1336 total points
ID: 36969575
The way I see it (ver.1.4.9 at this moment) you have a timeline left
and conversations on a first seen basis in rows down.
You could select to display..
HTH
0
 
LVL 17

Assisted Solution

by:jburgaard
jburgaard earned 1336 total points
ID: 36969976
So instead of 'All packets'
if you had some sort of filtering made beforehand, you could show 'Displayed Packets'
(and so have less col.'s)

Alternatively if you actualy want the magnitude rather than the time in focus,
then you could show statistics-conversations rather than statistics--flow-graph
0
 
LVL 22

Assisted Solution

by:eeRoot
eeRoot earned 664 total points
ID: 36970564
Try filtering the packets so only the traffic you're interested in is showing.  When there is a lot of information, it can roll past the side of the windows.  I'm not sure if they consider that a bug or not.
0
 

Author Comment

by:Dragon0x40
ID: 36982817
The graph starts on the right with the computer running Wireshark and then the next packet source or destination host is shown?

I was hoping that it was left to right based on amount of packets/flow but it sounds like that is not the case.

Good to know that everyone else is experiencing the same result with flow-graph.
0

Featured Post

Get your Conversational Ransomware Defense e‑book

This e-book gives you an insight into the ransomware threat and reviews the fundamentals of top-notch ransomware preparedness and recovery. To help you protect yourself and your organization. The initial infection may be inevitable, so the best protection is to be fully prepared.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Problem Description:   Couple of months ago we upgraded the ADSL line at our branch office from Home to Business line. The purpose of transforming the service to have static public IP’s. We were in need for public IP’s to publish our web resour…
Quality of Service (QoS) options are nearly endless when it comes to networks today. This article is merely one example of how it can be handled in a hub-n-spoke design using a 3-tier configuration.
NetCrunch network monitor is a highly extensive platform for network monitoring and alert generation. In this video you'll see a live demo of NetCrunch with most notable features explained in a walk-through manner. You'll also get to know the philos…
Michael from AdRem Software outlines event notifications and Automatic Corrective Actions in network monitoring. Automatic Corrective Actions are scripts, which can automatically run upon discovery of a certain undesirable condition in your network.…

850 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question