stop capture trigger and the AUKUA MGA2510

www.aukua.com

Here’s a common question I get asked, “How do you handle multi gig trace files?” My first response is always “I try to avoid those scenarios.”

With 1 Gb and high connections, its easy to get a trace file that is hundreds of megabytes or 1 gigabyte. In most scenarios, you start a capture wait for the problem and then go through a ton of packets.

There are ways to minimize the number of packets to analyze that I have covered in past articles like packet slicing, and good old capture filters. Another tip is to use capture stop triggers. A capture stop trigger is simply a user configured event you use to stop the analyzer from capturing.

If you are lucky the stop trigger could be an application error, TCP RST, ICMP error, etc, In this video I show you a common trigger I use where I ping the client or vice versa.

When you use a stop trigger along with a smaller capture buffer, like 100 MB, you have a lot less to analyze.

Enjoy ... https://www.youtube.com/watch?v=7W3HwP9bO2U