PcapGraph Manual

Create bar graphs with packet capture timestamps.

---

About

Three packet captures taken of the same network traffic, staggered by 20 seconds.

Platforms

Linux, macOS, Windows

Description

• Assists with flow-based troubleshooting where there are at least 3 pcaps. See Usage for detailed use cases.
• Create a horizontal bar graph to visualize when pcaps were taken.
• Use set operations to find patterns among multiple packet captures in ways that Wireshark is not able to.
• If an output format is not specified, the default behavior is to print to stdout and send a matplotlib graph to the screen (thus the name).

License

Apache 2.0

---

Contents:

• Install
  • Prerequisites: Wireshark
  • Installing PcapGraph
  • Install Errors
  • Testing Install
• CLI Usage
  • PcapGraph args
• Pcap Preparation
  • Filtering for Relevant Traffic
  • Decreasing the Size of the Packet Capture
  • Modifying Timestamps
• Using PcapGraph
  • About
  • Gut check: Visualize your packet captures
  • Union: Troubleshoot broadcast storms
  • Intersection: Find common traffic
  • Difference: Remove shared packets
  • Symmetric Difference
  • Timebounded Intersection
  • Inverse Timebounded Intersection
  • Have fun with your Downloads folder
  • Examples of all output formats
• Addenda
  • Set Theory
  • Set Caveats
  • Generating Demo Packet Captures
• API Documentation
  • pcapgraph module
  • pcapgraph.draw_graph
  • pcapgraph.generate_example_pcaps
  • pcapgraph.get_filenames
  • pcapgraph.manipulate_frames
  • pcapgraph.pcap_math
  • pcapgraph.save_file