Hi,
I have a content packet sniffer in place trying to track down excessive bandwidth usage going to my provider. I've set up an exclude filter of sourceip[10.0.0.1/8] and destinationip[10.0.0.1/8] so I don't get intra-lan ip traffic.
So far the two protocol classifications using the most bandwidth are the www and 'various' groups. How do I determine which URLs are in the www group and a breakdown of the protocols in the various classification? Would also like to see which IP addresses they're going to/coming from as well.
Thanks!
--Ben
Article Comments
I have; the results show high 'other' usage or high web traffic. Knowing what constitutes 'other' is a mystery for me. As well as determining within the web traffic, which intranet servers are generating it, and within those, which sites. I understand there is no site (ie domain) level tracking mechanism available.
How would I break down the other category?
Apr, 2011 - Permalink
Where exactly do you see the "Other"-entry? In the sensor results? Or in the Toplists. Because that would be two different things. Other in Toplists means a summery beyond the limit of entries for a toplist: What does the 'other'-entry in my TopConnections/TopTalkers mean?
Whereas Other in the sensor results itself means traffic type(s) unknown to PRTG.
Apr, 2011 - Permalink
Dear Ben,
have you checked the TopLists of the Packet Sniffer Sensor yet?
Best regards.
Apr, 2011 - Permalink