When troubleshooting the network, you may need to merge packet captures. Lisa Bock demonstrates merging two packet captures and using the Time Shift option in Wireshark to correct time differences.
- [Instructor] When doing a troubleshooting exercise,…you may want to capture your packets…at two different locations.…In that case, you'll want to merge them together,…so you can do a full analysis…on what's happening on the network.…I've opened up this packet capture,…and I've purposely split it into two…so we can merge them back together again.…Merge01.pcap is just a short capture of 16 packets.…Now one of the things when merging your traffic,…you want to make sure that the times are correct.…
And using some type of protocol to monitor…and synchronize the time…is one of the most important things you can do.…However, if you have to shift the time,…you can shift the time as well in Wireshark.…Go to Edit and then Time Shift.…And then here you can see that…you can set the time for different packets,…and I can just go to 1,…and or shift the time up here,…but it has to be in the correct format.…For example, we'll shift it so it's starting at 3:30.…
And then we'll set the other packet,…the last packet, to 3:31.…And, again, this is a simple example.…
- Tapping into the network
- Baselining the network
- Troubleshooting to discover the cause of a slow network
- Merging traffic
- Sanitizing packet captures
- Capture engines
- Optimizing packet captures
- Basic and advanced IO graphs
- TCP stream graphs
Skill Level Intermediate
Enhance your skills1m 5s
1. Tapping into the Stream
2. Solving Network Problems
3. Capture Engines and Wi-Fi
4. Command Line Capture
5. IO and Stream Graphs
What's next?1m 13s
- Mark as unwatched
- Mark all as unwatched
Are you sure you want to mark all the videos in this course as unwatched?
This will not affect your course history, your reports, or your certificates of completion for this course.Cancel
Take notes with your new membership!
Type in the entry box, then click Enter to save your note.
1:30Press on any video thumbnail to jump immediately to the timecode shown.
Notes are saved with you account but can also be exported as plain text, MS Word, PDF, Google Doc, or Evernote.