Using NetworkMiner with a Windows netsh trace File (by Paul Offord)

Before analyzing a network packet trace file, I try to make sure that I've collected information about IP addresses and TCP/UDP port numbers.  Even so, I still find that I don't have all the information I need.  There are techniques you can use to get the missing information - check NBNS host announcements, explore the names resolved by DNS - but it's all just more hassle.


Recently I noticed a bit of a buzz around NetworkMiner, so I thought I'd check it out.  What I found was a simple tool that does just what I need: it extracts useful host and service information from Wireshark traces.  We now analyze a fair number of traces captured with Windows netsh trace, so I thought I'd look at how we can use NetworkMiner with these Windows-native trace files.

In this video we discover how to configure a Workbench Transformer so that NetworkMiner can analyze Windows netsh trace files.

 

 

[MP4 version here in case YouTube is blocked]

You can still download a free copy of Workbench from the Downloads section of the TribeLab Community website - https://community.tribelab.com

Best regards...Paul

 

Author Profile - Paul Offord has had a 39-year career in the IT industry that includes roles in hardware engineering, software engineering and network management. Prior to founding Advance7, he worked for IBM, National Semiconductor and Hitachi Data Systems.

Paul is currently leading the TribeLab project to explore new ways to help IT support people troubleshoot performance and stability problems.
