Ethereal-users: [Ethereal-users] [OT]Methods and logistics for network monitoring w/(t)ethereal
I have a question/request for comments ;) for the network geeks out here: I am
using right now various (actually too many) open source tools for polling and
pulling data from all over my devices. I am also using some commercial
low-end packages, and have used ethereal only for its sniffing (as in:
"reactive intervention to claims of network problems") capabilities, having
totally lost touch with the new add-ons (RTT, -Z <statistics>, etc.). I was
wondering if anybody would be interested/willing to share their "way of
using" (t)ethereal, for more than just "momentary" sniffing. I have
personally started looking into ways of monitoring application behavior, and
- as sometimes big time frame separates me from the clients (Asia, Europe) -
I was looking into using the remote capabilities (rdump) of the new winpcap
and windump (and - of course - (t)ethereal) and having users run a remote
dump to be centralized on a server, at the time of things "happening" from
their own units, and - perhaps - allowing them to trigger similar trace(s)
from the back end(s - if multiple tiers) server(s - web, database, etc.). I
have tested the remote capability, ad well as the daemon portion of rdump,
and found it to be working, so I am working now on the logistics, but I am
not sure if this could lead me to any good. I was hoping to - then - merge
the traces in the aftermath of problems, then run some of the statistics ...
I am pretty sure I am rushing through too brief of an explanation above,
compared to the potential magnitude of the question, but the bottom line is:
how are you guys resolving logistics issues (sticking with the (t)ethereal
subject!) application monitoring and data analysis (gathering, merging,
analyzing, etc.)? Links to appropriate info would also be appreciated.
TIA,
Stef
P.S. As I am trying to script the majority of things I am looking into using,
the CLI part would be mostly of interest (tethereal), of course.