Author Profile - My name is Joke (pronounced \yo-kə\ or Joan for those who do not speak Dutch). During the day, I work as a secretary for a non-profit organization providing assisted living for mentally handicapped people in the south of The Netherlands. In my spare time I like to use Wireshark. I find it interesting and necessary to monitor my home network to see what is going on. As a user I like to answer questions at the Wireshark Mailing List.
What is in it for me? Well, I learn a great deal whenever I try to solve real-world problems. I am also a member of the NGN (the Dutch Network User's Group). I write articles about how to use Wireshark and the command line tools. And if there is still some spare time left, I like to go biking in the woods near my hometown with my husband and fellow geek.
CACE Pilot: Views and Capture Filters
CACE Pilot, a network visualization and analysis tool from CACE Techologies, is fully integrated with Wireshark.
Here you can read more about the latest release: version 2.3.
In this article I will show how to organize Views and how to add capture filters to Views.
Views
CACE Pilot is shipped with approximately 200 Views.
The Views consist of a collection of interactive display components like bar charts, strip charts, conversation rings, grids and so on.
After loading a capture file you can apply one or more Views. You can also use traffic from a live source: a wired ethernet adapter or a wireless adapter.
You can copy the Views, which you always want to use, to a custom folder.
When you want to analyze a capture file, you just have to drag and drop the custom folder on the capture file and all the Views in the folder are applied at once.
It is even more handy to create several custom folders for different companies, locations, networks and so on.
Copy the Views, you need to those folders. Next you can also set capture or display filters to those Views. These filters are saved in the Views. And again; you can apply them all at once by dragging and dropping the whole folder on a capture device or a capture file.
Enlarge the screenshot to get an idea of the custom folders.
It is also great to create folders to monitor your wired and wireless home network.
Want to see how this works?
Continue reading to see how to manage the folders and how to add capture filters.
Create Custom Folders
Right-click on Custom.
Select: Create Subfolder.
Scroll down and look for the Views you want to copy to the folders you have just created.
Select the View.
Use the CTRL-key to select multiple Views.
Right-click and select the appropriate folder.
Add a capture filter to a View
Right-click the View, you want to apply the filter to.Select: User Filter
Select: Set
Choose one of the filters or create you own filter by hitting Add.
• Choose a name
• Select Wireshark Capture Filter (BPF)
• Add filter string
You can find more information about capture filters in the Wireshark User's Guide, the Wireshark Wiki or my previous articles about capture filter samples.
When you are done, drag and drop the folder to the capture device or the capture file.
Note
The filter symbols show which Views contain filters. You can also see the filter syntax on the left side.
Recent Comments