The free and open source packet analysis tool Wireshark provides many capabilities for analyzing network traffic. Among its capabilities is the capability to provide statistical information regarding captured network traffic. Looking at a pcap file with Wireshark for traffic captured during a data flow test, I saw what seemed to be a fair amount of Simple Network Management Protocol (SNMP) and Secure Shell (SSH) traffic with systems on an external network. I wanted to determine the actual percentage that traffic represented within the overall traffic during the test period. Fortunately, that is easy to do within Wireshark. One way to view statistics on bandwidth utilization by protocol while viewing captured data is by clicking on Statistics then selecting Protocol Hierarchy. Note: you may need to wait a little while for the statistics to be displayed if the amount of data to be processed is large.
[ More Info ]
