Manuals / Finisar / Computer Equipment / Network Card

Finisar Surveyor manual Exporting Tables to CSV Format or Graphs to a Bitmap

Models: Surveyor

1 454

Download 454 pages 42.92 Kb

Page 387

Utilities 13

Export Utilities

To export packet decode information, do the following:

1.Set the Summary Pane of the Capture View window to display the protocol decode information you want to export. For example, packets numbered -0004 through 0013.

2.Select a packet within the window.

3. Press the button. A window displays containing the protocol decode data that was visible in the summary pane of the Capture View window.

4.Select the data you want from the window and press Ctrl + C.

5.Switch to the application where you want to store the packet information.

6.Press Ctrl + V.

7.Click on a Surveyor window to return to Surveyor.

If you select a portion of the current packet within the detail decode of the packet, the entire decode for this single packet is moved to the copy window for export.

Exporting Tables to CSV Format or Graphs to a Bitmap

You can export tables to CSV format (Excel) or charts to BMP format (bit mapped graphic). When saving a chart to a bitmap, it is recommended that the display settings for your monitor be greater than 256 colors to create an image with accurate colors.

1.Select the view you want to export. Press one of view buttons on the Data Views or the Capture View toolbar. If you already have the desired view window open, click the window to make it the currently selected view.

2.Click the Table tab to export to CSV format or click the Chart tab to export to a bitmap.

3.Choose Export… from the File menu.

4.Enter the file name in the Save As... dialog box. Table views will automatically be saved in CSV format and the file is given an extension of .csv. Chart views will automatically be saved in BMP format and the file is given an extension of .bmp.

5.Click the Save button.

Exporting to Optimal CSV Format

Optimal Performance, from Optimal Networks Inc., is a tool for planning, deploying, and troubleshooting distributed applications on large enterprise

13-9

Image 387

Finisar Surveyor manual Exporting Tables to CSV Format or Graphs to a Bitmap, Exporting to Optimal CSV Format

Contents

Surveyor Term Trademarks and CopyrightsFinisar Software License Agreement LicenseLimitation of Liability Limited Software WarrantyRestricted Rights Legend Patent and Copyright IndemnificationWorld-Wide Web Mailing Address Customer Support PhoneCustomer Support FAX Internet AddressTable of Contents Surveyor Configuring SurveyorViews Resources and ModesCapture and Display Filters Transmit Specification10-1 Alarms10-15 10-58 Multi-QoS 11-1 10-102Utilities 12-113-1 CountersParser Names Implementation ProfilePre-Defined Filter Templates Keyboard ShortcutsList of Figures 10-1 List of Tables Application Layer Host Table View, Table Column Descriptions 11-21 11-8 Surveyor Introduction Surveyor Functions Surveyor FunctionsFunction Description Introduction Finisar Device Description Analyzer DevicesProtocols Supported Finisar Analyzer DevicesXNS Banyan Vines Suite AppleTalk Phase2DECnet Phase Oracle Suite IPX/SPX SuiteIBM ISO Capture Management Whats New in ReleaseCapture to Disk and THGsE Analyzer Support Disk CachingExpanded Multi-QoS Support Smnp Extended AgentNew and Enhanced Protocol Decodes Surveyor PII System RequirementsSystem Requirements RAMUpgrading Surveyor Supported Analyzer Cards and Network Adapter CardsDesktop PC Installing Surveyor Installing THGm, Windows 2000/XP Installing Analyzer HardwareInstalling Analyzer Hardware in a Desktop PC Installing the THGm, Windows NTInstalling Analyzer Hardware in a Notebook PC Cdrom Installation Installing More Than One Analyzer Card in a Notebook PC Hardware/Software Compatibility Matrix Compatibility MatrixSurveyor Launching Surveyor Surveyor SystemDefault Account Names, Passwords and Privileges Basic Navigation Tips Surveyor Getting Started Buttons and Toolbars Surveyor ToolbarModule Toolbar Summary View Buttons and Toolbars Detail View Toolbar Getting Started Data Views Toolbar Getting Started Surveyor Filter Design Toolbar Filter States Design ToolbarDesign window Surveyor Capture View Toolbar Surveyor Getting Started File Formats Providing a Name Table to Surveyor Establishing Links for THGm Configuring the Interface Customizing Views and WindowsDocking Windows Capture View Display Options Configuring Surveyor Histogram Options Setting Histogram ColorsChoose Monitor View Preferences Setting Histogram Zoom FactorSetting the Histogram Download Size Setting the Monitoring View for a ModuleTable Views Configuring Chart ViewsHardware Device Properties Module Settings PropertiesPacket Slice Slicing Size Default Module SettingsModule Setting Default Values Buffer SizeModes Expert Analysis ModeNon-Well-Known-Ports Mode Stop-and-Save Capture BufferWKP4620 System SettingsMonitor M-QoS Only Mode Configuring Ports to ScanRSP Time Out value Configuring Remote CommunicationsProtocol Color Coding Setting Update TimersDisplay Timer Default Value Default Display Timer SettingsDisk Options Cache File LocationDisk Capture Location Mmddhhmm.ss Mmmonth ddday hhhour mmminute sssecond Configuring AlarmsConfiguring Counter Logging History Log File Settings and Default Values Log SettingConfiguring a Multi-Port Tap or Switch Configuring a Multi-Port Tap or Switch Resetting an Analyzer Device Settings for Analyzer DevicesSetting the Local COM Port for Taps and Switches Connecting a Tap with THGs or THGsEUpdating an Analyzer Device Click the Reset Host/Image Upgrade buttonAdvanced Configuration Customizing Expert Diagnostic InformationSurveyor.ini File Assigning Names to Protocols Monitor MONITOR.INI FormatMapping= port num,short name,long name MONITOR.INI Examples Port numShort name Long nameMapping=921,CXP,Company X Protocol Mapping=6063, XWIN6063,X Windows on portMapping=2900,VIDEO,Video Audio Network Communicator Monitoring Well-Known Ports How Surveyor Assigns Protocol NamesName TCP port values 11. Default Names for Non-WKP TCP Ports12. Default Names for Non-WKP UDP Ports Monitoring Non Well-Known PortsParser name Assigning TCP or UDP Ports to Protocol ParsersMapping=port num,ip addr,parser name,name Port num Ip addrParser Names Surveyor Resource Browser Resources and ModesRemote Resources Software SurveyorHost Properties Dialog Box for Establishing an Alias Naming Remote IP Resources AliasesResource Protection Remote User PrivilegesPrivilege Description Surveyor Resource Modes Description Resource Type Settings option from the ModuleModes Hardware DevicesHardware Device Capabilities Synchronized Resources Hardware Device CapabilitiesNdis Hints and Tips for Resources Surveyor Views Static Data Summary View Module Window Tabs Within Summary ViewTab Description/Action Vlan Detail ViewDetail View Using Capture + Monitor Mode in Detail View Capture View Capture View WindowSummary Pane Display Options Configuring the Capture View DisplayCreating Filters from Capture View Exporting and Printing DecodesOther Options Histogram OptionsHistogram Display and Button Controls Histogram Color CodingViews Histogram Display Showing Colors Histogram Display, Large Capture Example Histogram Default ColorsHistogram Button Controls Sizing/Selecting Areas with the Mouse Histogram Mouse ControlsLinear Scale or Logarithmic Scale Right Mouse Options in the HistogramSaving Portions of the Data Line Graph or Stair StepButton Description/Action Packet EditorResume Analysis Packet Editor ButtonsRing Statistics View Token Ring Only Data ViewsEditing in Decode View Editing in Hex ViewMAC Statistics View Capture MAC Statistics View RxFrame Size Distribution View MAC Statistics View TxProtocol Distribution View ChartNET Protocol Distribution View, Chart Buttons ProtocolsChart Button Description/Action Protocol Distribution View, Chart Buttons Packets10. Protocol Distribution View, Table Column Descriptions Utilization/Error ViewProtocol Distribution View, Graph Type Buttons Display Button Description/Action11. Host Table View, Table Column Descriptions Host Table ViewNetwork Layer Host Table View 12. Network Layer Host Table View, Table Column Descriptions Application Layer Host Table View Host Matrix View 14. Host Matrix View, Table Column Descriptions 15. Network Layer Matrix View, Table Column Descriptions Network Layer Matrix ViewApplication Layer Matrix View Vlan 16. Application Layer Matrix View, Table Column DescriptionsVlan View Address Mapping View 17. Vlan View, Table Column DescriptionsTable Column Description Vlan ID Duplicate Address View Expert plug-in only18. Address Map View, Table Column Descriptions 19. Duplicate Address View, Table Column DescriptionsExpert View Expert plug-in only Application Response Time View Expert plug-in onlyMulti-QoS View Multi-QoS software only Hints and Tips for Using Views Surveyor Getting Started with the Filter Interface Press the Create/Modify Capture FilterFilter Design window Available Filter Templates box Creating Filters with Filter TemplatesAdd Port Numbers to Custom Filter Templates Sample Filter Design window is shown below ISL, Q+EV2 Creating and Applying a ConversationProtocol and Frame Type Station AddressesApply Conversation to Template Check Box Traffic Direction IndicatorConversation Element Description Creating and Applying a Port NumberSelecting Filter Templates Defining Port NumbersMultiple Byte Patterns in Filter Templates Creating Custom Filter TemplatesCustom Templates Based on Pre-Defined Templates Custom Templates Based on Specification of Byte Patterns Entering Values that Cross Byte Boundaries Bit-Level Filtering Creating Filter Template Combinations Filter CreationTemplate Combination box Filter ActionsOperator Buttons for Template Combinations Description NotPackets until the buffer is %% full field Actions for Capture FiltersCapture Filter Actions Action DescriptionActions for Display Filters Counter Conditions for FiltersDisplay Filter Actions Capture Filter Global Description Global Values that Affect Capture Filter ActionsFrame Types Capture Filter Global ValuesFrame types are shown in Table Multi-State and Multi-Statement FiltersExample Filter States Design Window Filter Structure Filter States Changing States Changing Filter OperationGoTo Current State Filter Statements Capture and Display Filter Differences Activating Display FiltersActivating Capture Filters Filter Example, Capture Conversation Filter ExamplesSurveyor Filter Design Window, Template Combination Example Filter Example, Template CombinationSurveyor Filter Design Window, Capture TCP Port Example Filter Example, Capture TCP Port TrafficSurveyor Advanced Filter, Filter States Design Window Filter Example, Advanced FilterRules of the Capture or Display Filter Hints and Tips for Using Filters Filtering Tips Unique to THG-class Devices Transmit Specifications Transmit SpecificationDefined Streams List Box Transmit Specification Dialog BoxRadio Buttons and Fields for Defining a Stream Stream Function Buttons Transmission Mode and Status ControlsTransmit Specification Control Buttons Stream ButtonsTransmit Specification Control Buttons Control Button Transmit Specification FunctionRepeating Frames Surveyor Stream Modes Stream Mode Rate SettingStream Modes BurstsTransmission Mode Specifying Transmit DataPacket Editor Packet Editor Button Editing Function Changing Fields Directly in the Dialog BoxData Field DA and SA FieldsPacket Type Packet SizeCreating Templates Using TemplatesTransmitting Capture Files Transmit Specification ExamplesTransmit Specification Example, Packet Gaps Transmit Specification Dialog Box, Bursts Transmit Specification Example, BurstsHints and Tips for a Transmit Specification Surveyor Alarms Current Module Alarms Current Module AlarmsAlarms Alarm Editor Alarm Editor DescriptionMqos Multi-QoS Alarms Expert Alarms Transport LayerData Link Layer, Ethernet YES Using Alarms with Different DevicesThresholds and Alarms Alarm Actions Description Support by Host Type Alarm ActionsSettings Log File SettingsMail Settings Alarm ActionsSnmp Trap Settings Pager SettingsTrap Settings for THGs Trap Settings for Surveyor Hosts Hints and Tips for Alarms Viewing the Alarm List and the Alarm LogAlarm Example, Utilization Alarm ExamplesAlarm Example, MAC Errors Alarm Example, MAC ErrorsAlarm Example, Frame Size Alarm Example, Frame SizeAlarm Example, Call Jitter and Call Setup Time Alarm Example, VoIP Calls10. Alarm Example, Expert and Application Response Alarm Example, Expert and Application ResponseSurveyor Expert Features Duplicate Network Address View Expert System ViewsGetting Started with Expert View Application Response Time ViewExpert Features Expert Overview Details Expert Overview Detail Table Example Layer Description Expert LayersExpert Application Layer Example 10-8 Expert Symptoms and Analyses by Layer Expert Analyses Expert Symptoms, Analyses, and Network Entities SymptomsTables in the Detail Area for Symptoms Analyses Tables in the Detail Area for AnalysesEntities Entities for the Transport Layer Example Application/Session Lists for Entities Transport Lists for EntitiesNetwork Lists for Entities Data Link Lists for Entities Expert Diagnosis Example Expert Diagnostic MessagesWorking with the Expert System Configuring the Expert SystemSetting Expert Alarms Module Settings for the Expert SystemExporting Expert Data Printing Expert DataWorking with Timestamps Working with Analyzer Devices Application Response TimeApplication Layer Excessive Mailslot BroadcastsRate of change of SMB Mailslot Broadcasts=40 FTP Login Attempts Expert SymptomLogin attempts=4 Time passed since last announcement=4000 ms 3000 ms Missed Browser AnnouncementBetween 00000010.0207012303E3 and 302A9950.000000000001 NCP File RetransmissionNCP Read/Write Overlap Requests denied within 100 ms=5 NCP Request DeniedLoops on same request in 100 ms NCP Request LoopRate of change of NCP Server Busy=5 NCP Server BusyFile retransmission ratio is 8 / 28 = 28% NCP Too Many File RetransmissionsRequests denied ratio is 8 / 28 = 28% NCP Too Many Requests DeniedRequests loops ratio is 8 / 28 = 28% NCP Too Many Request LoopsNFS Retransmissions Http Post request not responded No Http Post ResponseSmtp server not responded No Server ResponseSlow Http GET response=3608 ms 2000 ms Slow Http GET ResponseSlow Http Post response=2918 ms 2000 ms Slow Http Post ResponseSlow FTP server connect=298 ms 200 ms Slow Server ConnectSlow Smtp server response=1258 ms 1000 ms Slow Server ResponseInvalid network name in tree connect SMB Invalid Network NameInvalid password SMB Invalid PasswordSession Layer No Wins ResponseWins request not responded within 1000 ms Slow TNS server connect=298 ms 200 ms TNS Slow Server ConnectSlow TNS server response=238 ms 200 ms TNS Slow Server ResponseIdle Too Long Transport LayerStation 206.250.228.11 not responding Non Responsive StationSA=206.250.228.69 DA=206.250.228.11 TCP Checksum ErrorsTCP Fast Retransmission TCP Frozen Window 10-48 TCP Long Ack Acknowledgement number is less than the one before TCP Repeat AckTCP Retransmissions TCP RST Packets Rate of change of TCP SYN’s=150 TCP SYN AttackTCP Window Exceeded CountData length of 128 bytes exceeds last window size Between 206.250.228.69/TCP/IP WKP1988 206.250.228.11/SMTP TCP Window ProbeExpert Diagnosis TCP Zero WindowRetransmission ratio is 49 / 50 = 98% Too Many RetransmissionsNetwork Layer Duplicate Network AddressAddr=206.250.228.67 SA=206.250.226.11 DA=206.250.228.69 Hsrp CoupHsrp Errors Hsrp Resign Source Quench Redirect Icmp All ErrorsParameter Problem Destination UnreachableIcmp Bad IP Header Cannot be reached by SA=206.250.228.11 DA=206.250.228.69 Icmp Destination Host Access DeniedIcmp Destination Host Unknown Icmp Destination Network Access Denied Icmp Destination Network Unknown Icmp Destination Unreachable 10-69 Icmp Fragment Reassembly Time Exceeded Icmp Fragmentation Needed D/F set Icmp Host Redirect Icmp Host Redirect for TOS Icmp Host Unreachable Icmp Host Unreachable for TOS Addr=206.250.228.69. Subnet mask=255.255.255.240 Icmp Inconsistent Subnet MaskIcmp Network Redirect Icmp Network Redirect for TOS Icmp Network Unreachable Icmp Parameter Problem Icmp Port Unreachable Icmp Protocol Unreachable Icmp Redirect Icmp Required IP Option Missing Icmp Source Quench Icmp Source Route Failed Icmp Time Exceeded Icmp Time to Live Exceeded Addr=255.255.255.255 Illegal Network Source AddressIP Checksum Errors TTL=1 SA=206.250.228.69 and DA=206.250.228.11 IP Time to Live ExpiringISL BPDU/CDP Packets Vlan ID=1036 ISL Illegal Vlan IDOspf Broadcasts RIP Broadcasts Rate of change of Router Broadcasts=5 Router StormAddr=255.23.252.6 Same Network AddressesSAP Broadcasts Total Router Broadcasts Rate of change of Topology=10 Unstable MSTAddr=0.0.0.0 Zero Broadcast AddressBad Frames MAC LayerRate of change of Bcast/Mcast Packets=500 Broadcast/Multicast StormsCRC Frame counter CRC error with more than 63 bytesRate of change of ARP Requests=20 Excessive ARPRate of change of Bootp/Dhcp Requests=25 Excessive BootpExcessive Broadcasts Excessive Collisions Excessive Multicasts Fragment Frame CRC error with less than 64 bytesAddr=FFFFFFFFFFFF Illegal MAC Source AddressJabber Frame CRC error with more than 1518 bytesUtilization=42% Network OverloadNew MAC Stations Oversized frame has more than 1518 bytes Oversized FrameOverload Frame Rate Overload Utilization Percentage Rate of change of Errors=450 Physical ErrorsRunt frame has less than 64 bytes Runt FrameAddr=00800F13A65B Same MAC AddressesTotal MAC Stations Hints and Tips for Expert Features Summary of Expert Counters and Symptoms Response Time Alarm editorConfiguration dialog box Summary of Expert Features Summary of Expert Features TOS ISL BPDU/CDP Surveyor TCP RST Surveyor Multi-QoS Protocols Supported by Multi-QoS Using Multi-QoS with Analyzer HardwareMulti-QoS User Interface Overview Call Summary Range Table All Calls TableChannel View Table Call Details for a Single Call Surveyor and Rtcp Jitter ValuesSummary Range Graphs Call Tables for a Specific RangeMulti-QoS Configuration Configuring Multi-QoSAlarm Log Monitor Only Protocol Type Timeout ValueRefresh Options MQoS Window Management Call Filtering with Multi-QoS Multi-QoS Performance OptimizationAll Calls Table H323Red Phone All Calls Table Field Descriptions Field Descriptions for All Calls TableCall Range Graphs and Summaries Call Jitter, Call Rtcp Jitter, Call Setup TimeMulti-QoS Configuration, Call Jitter Ranges Multi-QoS Packets Dropped Graph Example Dropped Packets, Rtcp Dropped PacketsMulti-QoS Configuration, Packets Dropped Call Range Summary Field Descriptions Field Descriptions for Call Range SummariesVQMon Metrics Multi-QoS R-factor Example Ranges for R-factors Network R-factor User R-factor Multi-QoS Configuration, R-factor Ranges10. Multi-QoS Utilization Graph Example Utilization Graph11. Example Call Details Window H.323 Field Descriptions for Call DetailsFID Sccp Call Field DescriptionsField Name Description H.323 Call Field DescriptionsSIP Call Field Descriptions Field Name 10. Unknown Call Field Descriptions Channel Table Details12. Channel Table Example 11. H.323, SIP, or Unknown Channel Table Column Descriptions Multi-QoS 12. Sccp Channel Table Column Descriptions Filtering on Single Channels Call PlaybackPlayback PCMU/PCMA Data Customizing All Calls or Range Summary Tables Customizing Multi-QoS Table Displays14. Multi-QoS Channel Table View Options, Sccp Example Customizing Channel TablesExporting Multi-QoS Data Exporting All Multi-QoS Data to CSV FormatChoose Export Multi-QoS Data... from the File menu Exporting a Single Multi-QoS Table to CSV Format 11-34 Packet Counters MAC Layer Counter TypesCounter Type Description Custom Counters Error CountersCounters Last frame received Expert Counters Network Unknown, Destination Host Unknown, Destination Net Overload Utilization Percent Surveyor Counter Log File Overview Multi-QoS CountersLog Directory Structure Utilities Name Table Utility Utilities Building a Name Table From the Network NIS2NAM output-name-table NIS-to-Name Table Conversion UtilitySniffer Translator Utility, Tool Menu Options Sniffer Translator UtilityInternet Advisor Translator Utility Get Version Information UtilityConvert Capture Files to Histogram Files Merge Histogram FilesFrom the Tools menu, choose Merge Histogram Files Exporting Packets Extract Frames From a File Using a FilterLogging Utilities Export UtilitiesExporting to Optimal CSV Format Exporting Tables to CSV Format or Graphs to a BitmapChoose Export to Optimal Performance from the File menu Exporting Counter Log Files to Excel13-11 13-12 Buffer Type Description BuffersHow Resources Use Buffers Table A-1. Buffer Types Used By SurveyorResource Buffer Usage Table A-2. Resource Use of BuffersHardware Dependencies Table A-3. Hardware Real-Time FunctionsTable A-4. Hardware Transmit Functions Table A-6. Hardware Connectivity Table A-5. Hardware Capture FunctionsCounters About Ndis ModeCaptured Packets Capture Rate / Transmit SpeedNdis Configuration Options Setting the InterfaceSet Capture Buffer and Packet Slicing Size Filter Templates Pre-Defined Filter TemplatesMacdamulticast ARPMacdabroadcast HEX FffffffffffDEC EigrpIcmp IgmpRIP IPX RsvpSAP IPX Imap DNS TCPFTP HttpTelnet SccpSmtp TCPNB-DATAGRAM DhcpDNS UDP Mgcp UDPSnmp NTPRIP UDP SIPHEX E0E0 Nmpi DsapHEX HEX F0F0Snapcdp SnapHEX AAAA03 SnaparpIslftp IslarpIsldns TCP IsleigrpIslmgcp TCP IslldapHEX Ffffffffffff HEX 01005EFFFFFFIsltelnet IslsmtpIslssp IsltcpHEX 0C HEX 0DHEX 0B HEX 2A HEX 0EHEX 0F Nonmac Function Keys Keyboard ShortcutsStandard and Navigational Keys Keyboard Shortcuts Surveyor Table D-2. Parser Names, Applications and Others Recognized Parser NamesTable D-1. Parser Names, DLC Suite Parser Name ProtocolTable D-3. Parser Names, Apple Talk Suite Parser Name Protocol NameTable D-4. Parser Names, Banyan Suite Table D-5. Parser Names, Cisco Suite Protocol Name Table D-6. Parser Names, DECnet Suite Protocol NameTable D-7. Parser Names, Fujitsu Suite Protocol Name Table D-9. Parser Names, Internet Suite Table D-8. Parser Names, IBM SuiteTable D-9. Parser Names, Internet Suite Protocol Name Table D-11. Parser Names, Netware Suite Table D-10. Parser Names, Internet Next Generation SuiteTable D-13. Parser Names, XNS Suite Protocol Name Table D-12. Parser Names, PPP Suite Protocol NameTable D-15. Parser Names, ITU Codecs Table D-14. Parser Names, H.323 SuiteTable D-17. Parser Names, Other Multimedia Protocol Name Table D-18. Parser Names, Intel Suite Protocol NameTable D-19. Parser Names, VPN Suite Protocol Name Surveyor Glossary Alarm Browser Avvid Capture Mode Dram Expert View Log Files Ndis NIS Pause Sccp Token Error Transmit Specification WKP Index Index-2 Index Index-4 Index-5 Index-6 Index-7 Index-8 Index-9 Index-10 Index-11 Index-12 Index-13 Index-14