I have to do a little interactive monitoring this week, and while I want
to run Wireshark to log the packets, I'd also like to be able to do some more
hands on, flow-based monitoring, and the Conversations tool in WS2.x isn't
up to the task; it won't let me roll up all traffic for a local IP into a
single line, for example, as iftop will.
I thought I'd be able to do this with ntop, but even though I can see that
monitoring is enable to the switchport from WS, ntop only shows me the
broadcast connections.
Are there any better tools for this sort of work, that will cooperate
with WS on a Win7Pro box? (Yeah, yeah; I know; it's all I have handy and
I'm out of days; I had the flu last week like everyone else.)
Cheers,
-- jra