Exporting to Optimal CSV Format | Finisar Surveyor specification

Utilities 13

Export Utilities

To export packet decode information, do the following:

1.Set the Summary Pane of the Capture View window to display the protocol decode information you want to export. For example, packets numbered -0004 through 0013.

2.Select a packet within the window.

3. Press the button. A window displays containing the protocol decode data that was visible in the summary pane of the Capture View window.

4.Select the data you want from the window and press Ctrl + C.

5.Switch to the application where you want to store the packet information.

6.Press Ctrl + V.

7.Click on a Surveyor window to return to Surveyor.

If you select a portion of the current packet within the detail decode of the packet, the entire decode for this single packet is moved to the copy window for export.

Exporting Tables to CSV Format or Graphs to a Bitmap

You can export tables to CSV format (Excel) or charts to BMP format (bit mapped graphic). When saving a chart to a bitmap, it is recommended that the display settings for your monitor be greater than 256 colors to create an image with accurate colors.

1.Select the view you want to export. Press one of view buttons on the Data Views or the Capture View toolbar. If you already have the desired view window open, click the window to make it the currently selected view.

2.Click the Table tab to export to CSV format or click the Chart tab to export to a bitmap.

3.Choose Export… from the File menu.

4.Enter the file name in the Save As... dialog box. Table views will automatically be saved in CSV format and the file is given an extension of .csv. Chart views will automatically be saved in BMP format and the file is given an extension of .bmp.

5.Click the Save button.

Exporting to Optimal CSV Format

Optimal Performance, from Optimal Networks Inc., is a tool for planning, deploying, and troubleshooting distributed applications on large enterprise

13-9

Image 387

Finisar Surveyor manual Exporting Tables to CSV Format or Graphs to a Bitmap, Exporting to Optimal CSV Format

Contents

Surveyor Term Trademarks and CopyrightsFinisar Software License Agreement License Limitation of Liability Limited Software WarrantyRestricted Rights Legend Patent and Copyright Indemnification World-Wide Web Mailing Address Customer Support PhoneCustomer Support FAX Internet Address Table of Contents Surveyor Configuring Surveyor Views Resources and Modes Capture and Display Filters Transmit Specification 10-1 Alarms 10-15 10-58 Multi-QoS 11-1 10-102 Utilities 12-113-1 Counters Parser Names Implementation ProfilePre-Defined Filter Templates Keyboard Shortcuts List of Figures 10-1 List of Tables Application Layer Host Table View, Table Column Descriptions 11-21 11-8 Surveyor Introduction Surveyor Functions Surveyor FunctionsFunction Description Introduction Finisar Device Description Analyzer DevicesProtocols Supported Finisar Analyzer Devices XNS Banyan Vines Suite AppleTalk Phase2DECnet Phase Oracle Suite IPX/SPX Suite IBM ISO Capture Management Whats New in ReleaseCapture to Disk and THGsE Analyzer Support Disk Caching Expanded Multi-QoS Support Smnp Extended AgentNew and Enhanced Protocol Decodes Surveyor PII System RequirementsSystem Requirements RAM Upgrading Surveyor Supported Analyzer Cards and Network Adapter CardsDesktop PC Installing Surveyor Installing THGm, Windows 2000/XP Installing Analyzer HardwareInstalling Analyzer Hardware in a Desktop PC Installing the THGm, Windows NT Installing Analyzer Hardware in a Notebook PC Cdrom Installation Installing More Than One Analyzer Card in a Notebook PC Hardware/Software Compatibility Matrix Compatibility Matrix Surveyor Launching Surveyor Surveyor System Default Account Names, Passwords and Privileges Basic Navigation Tips Surveyor Getting Started Buttons and Toolbars Surveyor ToolbarModule Toolbar Summary View Buttons and Toolbars Detail View Toolbar Getting Started Data Views Toolbar Getting Started Surveyor Filter Design Toolbar Filter States Design ToolbarDesign window Surveyor Capture View Toolbar Surveyor Getting Started File Formats Providing a Name Table to Surveyor Establishing Links for THGm Configuring the Interface Customizing Views and WindowsDocking Windows Capture View Display Options Configuring Surveyor Histogram Options Setting Histogram Colors Choose Monitor View Preferences Setting Histogram Zoom FactorSetting the Histogram Download Size Setting the Monitoring View for a Module Table Views Configuring Chart Views Hardware Device Properties Module Settings Properties Packet Slice Slicing Size Default Module SettingsModule Setting Default Values Buffer Size Modes Expert Analysis ModeNon-Well-Known-Ports Mode Stop-and-Save Capture Buffer WKP4620 System SettingsMonitor M-QoS Only Mode Configuring Ports to Scan RSP Time Out value Configuring Remote Communications Protocol Color Coding Setting Update Timers Display Timer Default Value Default Display Timer Settings Disk Options Cache File LocationDisk Capture Location Mmddhhmm.ss Mmmonth ddday hhhour mmminute sssecond Configuring AlarmsConfiguring Counter Logging History Log File Settings and Default Values Log Setting Configuring a Multi-Port Tap or Switch Configuring a Multi-Port Tap or Switch Resetting an Analyzer Device Settings for Analyzer DevicesSetting the Local COM Port for Taps and Switches Connecting a Tap with THGs or THGsE Updating an Analyzer Device Click the Reset Host/Image Upgrade button Advanced Configuration Customizing Expert Diagnostic InformationSurveyor.ini File Assigning Names to Protocols Monitor MONITOR.INI FormatMapping= port num,short name,long name MONITOR.INI Examples Port numShort name Long name Mapping=921,CXP,Company X Protocol Mapping=6063, XWIN6063,X Windows on portMapping=2900,VIDEO,Video Audio Network Communicator Monitoring Well-Known Ports How Surveyor Assigns Protocol Names Name TCP port values 11. Default Names for Non-WKP TCP Ports12. Default Names for Non-WKP UDP Ports Monitoring Non Well-Known Ports Parser name Assigning TCP or UDP Ports to Protocol ParsersMapping=port num,ip addr,parser name,name Port num Ip addr Parser Names Surveyor Resource Browser Resources and Modes Remote Resources Software Surveyor Host Properties Dialog Box for Establishing an Alias Naming Remote IP Resources Aliases Resource Protection Remote User PrivilegesPrivilege Description Surveyor Resource Modes Description Resource Type Settings option from the ModuleModes Hardware Devices Hardware Device Capabilities Synchronized Resources Hardware Device CapabilitiesNdis Hints and Tips for Resources Surveyor Views Static Data Summary View Module Window Tabs Within Summary ViewTab Description/Action Vlan Detail View Detail View Using Capture + Monitor Mode in Detail View Capture View Capture View WindowSummary Pane Display Options Configuring the Capture View DisplayCreating Filters from Capture View Exporting and Printing Decodes Other Options Histogram Options Histogram Display and Button Controls Histogram Color Coding Views Histogram Display Showing Colors Histogram Display, Large Capture Example Histogram Default Colors Histogram Button Controls Sizing/Selecting Areas with the Mouse Histogram Mouse Controls Linear Scale or Logarithmic Scale Right Mouse Options in the HistogramSaving Portions of the Data Line Graph or Stair Step Button Description/Action Packet EditorResume Analysis Packet Editor Buttons Ring Statistics View Token Ring Only Data ViewsEditing in Decode View Editing in Hex View MAC Statistics View Capture MAC Statistics View Rx Frame Size Distribution View MAC Statistics View Tx Protocol Distribution View Chart NET Protocol Distribution View, Chart Buttons ProtocolsChart Button Description/Action Protocol Distribution View, Chart Buttons Packets 10. Protocol Distribution View, Table Column Descriptions Utilization/Error ViewProtocol Distribution View, Graph Type Buttons Display Button Description/Action 11. Host Table View, Table Column Descriptions Host Table View Network Layer Host Table View 12. Network Layer Host Table View, Table Column Descriptions Application Layer Host Table View Host Matrix View 14. Host Matrix View, Table Column Descriptions 15. Network Layer Matrix View, Table Column Descriptions Network Layer Matrix View Application Layer Matrix View Vlan 16. Application Layer Matrix View, Table Column Descriptions Vlan View Address Mapping View 17. Vlan View, Table Column DescriptionsTable Column Description Vlan ID Duplicate Address View Expert plug-in only18. Address Map View, Table Column Descriptions 19. Duplicate Address View, Table Column Descriptions Expert View Expert plug-in only Application Response Time View Expert plug-in onlyMulti-QoS View Multi-QoS software only Hints and Tips for Using Views Surveyor Getting Started with the Filter Interface Press the Create/Modify Capture FilterFilter Design window Available Filter Templates box Creating Filters with Filter Templates Add Port Numbers to Custom Filter Templates Sample Filter Design window is shown below ISL, Q+EV2 Creating and Applying a ConversationProtocol and Frame Type Station Addresses Apply Conversation to Template Check Box Traffic Direction Indicator Conversation Element Description Creating and Applying a Port NumberSelecting Filter Templates Defining Port Numbers Multiple Byte Patterns in Filter Templates Creating Custom Filter TemplatesCustom Templates Based on Pre-Defined Templates Custom Templates Based on Specification of Byte Patterns Entering Values that Cross Byte Boundaries Bit-Level Filtering Creating Filter Template Combinations Filter Creation Template Combination box Filter ActionsOperator Buttons for Template Combinations Description Not Packets until the buffer is %% full field Actions for Capture FiltersCapture Filter Actions Action Description Actions for Display Filters Counter Conditions for FiltersDisplay Filter Actions Capture Filter Global Description Global Values that Affect Capture Filter ActionsFrame Types Capture Filter Global Values Frame types are shown in Table Multi-State and Multi-Statement Filters Example Filter States Design Window Filter Structure Filter States Changing States Changing Filter OperationGoTo Current State Filter Statements Capture and Display Filter Differences Activating Display FiltersActivating Capture Filters Filter Example, Capture Conversation Filter Examples Surveyor Filter Design Window, Template Combination Example Filter Example, Template Combination Surveyor Filter Design Window, Capture TCP Port Example Filter Example, Capture TCP Port Traffic Surveyor Advanced Filter, Filter States Design Window Filter Example, Advanced Filter Rules of the Capture or Display Filter Hints and Tips for Using Filters Filtering Tips Unique to THG-class Devices Transmit Specifications Transmit Specification Defined Streams List Box Transmit Specification Dialog Box Radio Buttons and Fields for Defining a Stream Stream Function Buttons Transmission Mode and Status ControlsTransmit Specification Control Buttons Stream Buttons Transmit Specification Control Buttons Control Button Transmit Specification FunctionRepeating Frames Surveyor Stream Modes Stream Mode Rate SettingStream Modes Bursts Transmission Mode Specifying Transmit DataPacket Editor Packet Editor Button Editing Function Changing Fields Directly in the Dialog Box Data Field DA and SA FieldsPacket Type Packet Size Creating Templates Using Templates Transmitting Capture Files Transmit Specification Examples Transmit Specification Example, Packet Gaps Transmit Specification Dialog Box, Bursts Transmit Specification Example, Bursts Hints and Tips for a Transmit Specification Surveyor Alarms Current Module Alarms Current Module Alarms Alarms Alarm Editor Alarm Editor DescriptionMqos Multi-QoS Alarms Expert Alarms Transport LayerData Link Layer, Ethernet YES Using Alarms with Different Devices Thresholds and Alarms Alarm Actions Description Support by Host Type Alarm Actions Settings Log File SettingsMail Settings Alarm Actions Snmp Trap Settings Pager Settings Trap Settings for THGs Trap Settings for Surveyor Hosts Hints and Tips for Alarms Viewing the Alarm List and the Alarm Log Alarm Example, Utilization Alarm Examples Alarm Example, MAC Errors Alarm Example, MAC Errors Alarm Example, Frame Size Alarm Example, Frame Size Alarm Example, Call Jitter and Call Setup Time Alarm Example, VoIP Calls 10. Alarm Example, Expert and Application Response Alarm Example, Expert and Application Response Surveyor Expert Features Duplicate Network Address View Expert System ViewsGetting Started with Expert View Application Response Time View Expert Features Expert Overview Details Expert Overview Detail Table Example Layer Description Expert Layers Expert Application Layer Example 10-8 Expert Symptoms and Analyses by Layer Expert Analyses Expert Symptoms, Analyses, and Network Entities SymptomsTables in the Detail Area for Symptoms Analyses Tables in the Detail Area for AnalysesEntities Entities for the Transport Layer Example Application/Session Lists for Entities Transport Lists for EntitiesNetwork Lists for Entities Data Link Lists for Entities Expert Diagnosis Example Expert Diagnostic Messages Working with the Expert System Configuring the Expert System Setting Expert Alarms Module Settings for the Expert System Exporting Expert Data Printing Expert DataWorking with Timestamps Working with Analyzer Devices Application Response Time Application Layer Excessive Mailslot BroadcastsRate of change of SMB Mailslot Broadcasts=40 FTP Login Attempts Expert SymptomLogin attempts=4 Time passed since last announcement=4000 ms 3000 ms Missed Browser Announcement Between 00000010.0207012303E3 and 302A9950.000000000001 NCP File Retransmission NCP Read/Write Overlap Requests denied within 100 ms=5 NCP Request Denied Loops on same request in 100 ms NCP Request Loop Rate of change of NCP Server Busy=5 NCP Server Busy File retransmission ratio is 8 / 28 = 28% NCP Too Many File Retransmissions Requests denied ratio is 8 / 28 = 28% NCP Too Many Requests Denied Requests loops ratio is 8 / 28 = 28% NCP Too Many Request Loops NFS Retransmissions Http Post request not responded No Http Post Response Smtp server not responded No Server Response Slow Http GET response=3608 ms 2000 ms Slow Http GET Response Slow Http Post response=2918 ms 2000 ms Slow Http Post Response Slow FTP server connect=298 ms 200 ms Slow Server Connect Slow Smtp server response=1258 ms 1000 ms Slow Server Response Invalid network name in tree connect SMB Invalid Network Name Invalid password SMB Invalid Password Session Layer No Wins ResponseWins request not responded within 1000 ms Slow TNS server connect=298 ms 200 ms TNS Slow Server Connect Slow TNS server response=238 ms 200 ms TNS Slow Server Response Idle Too Long Transport Layer Station 206.250.228.11 not responding Non Responsive Station SA=206.250.228.69 DA=206.250.228.11 TCP Checksum Errors TCP Fast Retransmission TCP Frozen Window 10-48 TCP Long Ack Acknowledgement number is less than the one before TCP Repeat Ack TCP Retransmissions TCP RST Packets Rate of change of TCP SYN’s=150 TCP SYN Attack TCP Window Exceeded CountData length of 128 bytes exceeds last window size Between 206.250.228.69/TCP/IP WKP1988 206.250.228.11/SMTP TCP Window Probe Expert Diagnosis TCP Zero Window Retransmission ratio is 49 / 50 = 98% Too Many Retransmissions Network Layer Duplicate Network AddressAddr=206.250.228.67 SA=206.250.226.11 DA=206.250.228.69 Hsrp Coup Hsrp Errors Hsrp Resign Source Quench Redirect Icmp All ErrorsParameter Problem Destination Unreachable Icmp Bad IP Header Cannot be reached by SA=206.250.228.11 DA=206.250.228.69 Icmp Destination Host Access Denied Icmp Destination Host Unknown Icmp Destination Network Access Denied Icmp Destination Network Unknown Icmp Destination Unreachable 10-69 Icmp Fragment Reassembly Time Exceeded Icmp Fragmentation Needed D/F set Icmp Host Redirect Icmp Host Redirect for TOS Icmp Host Unreachable Icmp Host Unreachable for TOS Addr=206.250.228.69. Subnet mask=255.255.255.240 Icmp Inconsistent Subnet Mask Icmp Network Redirect Icmp Network Redirect for TOS Icmp Network Unreachable Icmp Parameter Problem Icmp Port Unreachable Icmp Protocol Unreachable Icmp Redirect Icmp Required IP Option Missing Icmp Source Quench Icmp Source Route Failed Icmp Time Exceeded Icmp Time to Live Exceeded Addr=255.255.255.255 Illegal Network Source Address IP Checksum Errors TTL=1 SA=206.250.228.69 and DA=206.250.228.11 IP Time to Live Expiring ISL BPDU/CDP Packets Vlan ID=1036 ISL Illegal Vlan ID Ospf Broadcasts RIP Broadcasts Rate of change of Router Broadcasts=5 Router Storm Addr=255.23.252.6 Same Network Addresses SAP Broadcasts Total Router Broadcasts Rate of change of Topology=10 Unstable MST Addr=0.0.0.0 Zero Broadcast Address Bad Frames MAC Layer Rate of change of Bcast/Mcast Packets=500 Broadcast/Multicast Storms CRC Frame counter CRC error with more than 63 bytes Rate of change of ARP Requests=20 Excessive ARP Rate of change of Bootp/Dhcp Requests=25 Excessive Bootp Excessive Broadcasts Excessive Collisions Excessive Multicasts Fragment Frame CRC error with less than 64 bytes Addr=FFFFFFFFFFFF Illegal MAC Source Address Jabber Frame CRC error with more than 1518 bytes Utilization=42% Network Overload New MAC Stations Oversized frame has more than 1518 bytes Oversized Frame Overload Frame Rate Overload Utilization Percentage Rate of change of Errors=450 Physical Errors Runt frame has less than 64 bytes Runt Frame Addr=00800F13A65B Same MAC Addresses Total MAC Stations Hints and Tips for Expert Features Summary of Expert Counters and Symptoms Response Time Alarm editorConfiguration dialog box Summary of Expert Features Summary of Expert Features TOS ISL BPDU/CDP Surveyor TCP RST Surveyor Multi-QoS Protocols Supported by Multi-QoS Using Multi-QoS with Analyzer Hardware Multi-QoS User Interface Overview Call Summary Range Table All Calls TableChannel View Table Call Details for a Single Call Surveyor and Rtcp Jitter ValuesSummary Range Graphs Call Tables for a Specific Range Multi-QoS Configuration Configuring Multi-QoS Alarm Log Monitor Only Protocol Type Timeout ValueRefresh Options MQoS Window Management Call Filtering with Multi-QoS Multi-QoS Performance Optimization All Calls Table H323Red Phone All Calls Table Field Descriptions Field Descriptions for All Calls Table Call Range Graphs and Summaries Call Jitter, Call Rtcp Jitter, Call Setup Time Multi-QoS Configuration, Call Jitter Ranges Multi-QoS Packets Dropped Graph Example Dropped Packets, Rtcp Dropped Packets Multi-QoS Configuration, Packets Dropped Call Range Summary Field Descriptions Field Descriptions for Call Range Summaries VQMon Metrics Multi-QoS R-factor Example Ranges for R-factors Network R-factor User R-factor Multi-QoS Configuration, R-factor Ranges 10. Multi-QoS Utilization Graph Example Utilization Graph 11. Example Call Details Window H.323 Field Descriptions for Call Details FID Sccp Call Field Descriptions Field Name Description H.323 Call Field Descriptions SIP Call Field Descriptions Field Name 10. Unknown Call Field Descriptions Channel Table Details 12. Channel Table Example 11. H.323, SIP, or Unknown Channel Table Column Descriptions Multi-QoS 12. Sccp Channel Table Column Descriptions Filtering on Single Channels Call PlaybackPlayback PCMU/PCMA Data Customizing All Calls or Range Summary Tables Customizing Multi-QoS Table Displays 14. Multi-QoS Channel Table View Options, Sccp Example Customizing Channel Tables Exporting Multi-QoS Data Exporting All Multi-QoS Data to CSV FormatChoose Export Multi-QoS Data... from the File menu Exporting a Single Multi-QoS Table to CSV Format 11-34 Packet Counters MAC Layer Counter TypesCounter Type Description Custom Counters Error Counters Counters Last frame received Expert Counters Network Unknown, Destination Host Unknown, Destination Net Overload Utilization Percent Surveyor Counter Log File Overview Multi-QoS Counters Log Directory Structure Utilities Name Table Utility Utilities Building a Name Table From the Network NIS2NAM output-name-table NIS-to-Name Table Conversion Utility Sniffer Translator Utility, Tool Menu Options Sniffer Translator UtilityInternet Advisor Translator Utility Get Version Information Utility Convert Capture Files to Histogram Files Merge Histogram FilesFrom the Tools menu, choose Merge Histogram Files Exporting Packets Extract Frames From a File Using a FilterLogging Utilities Export Utilities Exporting to Optimal CSV Format Exporting Tables to CSV Format or Graphs to a Bitmap Choose Export to Optimal Performance from the File menu Exporting Counter Log Files to Excel 13-11 13-12 Buffer Type Description BuffersHow Resources Use Buffers Table A-1. Buffer Types Used By Surveyor Resource Buffer Usage Table A-2. Resource Use of Buffers Hardware Dependencies Table A-3. Hardware Real-Time FunctionsTable A-4. Hardware Transmit Functions Table A-6. Hardware Connectivity Table A-5. Hardware Capture Functions Counters About Ndis ModeCaptured Packets Capture Rate / Transmit Speed Ndis Configuration Options Setting the InterfaceSet Capture Buffer and Packet Slicing Size Filter Templates Pre-Defined Filter Templates Macdamulticast ARPMacdabroadcast HEX Fffffffffff DEC EigrpIcmp Igmp RIP IPX RsvpSAP IPX Imap DNS TCPFTP Http Telnet SccpSmtp TCP NB-DATAGRAM DhcpDNS UDP Mgcp UDP Snmp NTPRIP UDP SIP HEX E0E0 Nmpi DsapHEX HEX F0F0 Snapcdp SnapHEX AAAA03 Snaparp Islftp IslarpIsldns TCP Isleigrp Islmgcp TCP IslldapHEX Ffffffffffff HEX 01005EFFFFFF Isltelnet IslsmtpIslssp Isltcp HEX 0C HEX 0DHEX 0B HEX 2A HEX 0EHEX 0F Nonmac Function Keys Keyboard Shortcuts Standard and Navigational Keys Keyboard Shortcuts Surveyor Table D-2. Parser Names, Applications and Others Recognized Parser NamesTable D-1. Parser Names, DLC Suite Parser Name Protocol Table D-3. Parser Names, Apple Talk Suite Parser Name Protocol NameTable D-4. Parser Names, Banyan Suite Table D-5. Parser Names, Cisco Suite Protocol Name Table D-6. Parser Names, DECnet Suite Protocol NameTable D-7. Parser Names, Fujitsu Suite Protocol Name Table D-9. Parser Names, Internet Suite Table D-8. Parser Names, IBM Suite Table D-9. Parser Names, Internet Suite Protocol Name Table D-11. Parser Names, Netware Suite Table D-10. Parser Names, Internet Next Generation Suite Table D-13. Parser Names, XNS Suite Protocol Name Table D-12. Parser Names, PPP Suite Protocol Name Table D-15. Parser Names, ITU Codecs Table D-14. Parser Names, H.323 Suite Table D-17. Parser Names, Other Multimedia Protocol Name Table D-18. Parser Names, Intel Suite Protocol NameTable D-19. Parser Names, VPN Suite Protocol Name Surveyor Glossary Alarm Browser Avvid Capture Mode Dram Expert View Log Files Ndis NIS Pause Sccp Token Error Transmit Specification WKP Index Index-2 Index Index-4 Index-5 Index-6 Index-7 Index-8 Index-9 Index-10 Index-11 Index-12 Index-13 Index-14