Table of Contents
Advertisement
4.1.1. Traffic Flow Analysis
The traffic flow analyzer is by default configured to be subscribed to process the new capture files. This
means that any time a new PCAPNG is created, it will be added to the analyzer queue. Using the
Unsubscribe/Subscribe button of the Traffic Flow Analysis section, it is possible to stop the analyzer from
processing new files, without impacting the capture. It is also possible to reset the analyzer queue via the
Delete button, in order to drop all of the pending files that are waiting for analysis. These can be (re)added
to the analyzer queue from the
Data Vault > Captured Files
page.
Advanced traffic analysis can be enabled or disabled via the Enable advanced traffic analysis toggle. When
disabled, the analyzer will stop recording metrics for the VoIP, TLS and Modbus dashboards, which will
increase overall traffic analysis performance.
If Use VLAN/MPLS to correlate traffic flows is enabled, VLAN tags and MPLS labels will be used to identify
traffic flows. Otherwise, they will be ignored.
4.1.2. Bandwidth Analysis
The bandwidth analysis engine can be started or stopped via the Subscribe/Unsubscribe button of the
Bandwidth Analysis section. This engine provides accurate analysis of bandwidth usage, which can be
visualized in the dashboards (e.g. Bandwidth and Microbursts dashboards). It is also possible to reset the
analyzer queue via the Delete button, in order to drop all of the pending files that are waiting for analysis.
4.1.3. Capture Files Export
The capture file export engine can be started or stopped via the Subscribe/Unsubscribe button of the
Capture Files Export section. This engine exports new capture files to an external host, configured on the
Data Vault > Capture Export
page. Previously captured files can also be added to the exporting queue on
the
Data Vault > Captured Files
page. The exporting queue can be emptied via the Delete button.
28
Advertisement
Table of Contents
