Packet Sniffer sensor - Adding channel for specific IP

Hello,

please bear in mind that PRTG goes from top-to-bottom in such Channel Definitions to categorize Traffic. And if Traffic is already put into a channel (for example the first one) then it cannot be put into another channel later on again. So it's very likely that the Traffic to and from this server was already put into another channel before this number 2001.

best regards.

I placed this at the top of the definitions to ensure that nothing else could intercept the traffic.

Can I assume that the filter rules should work as per the examples ?

Is there any way to get debug info to see which channels are handling the traffic ?

You can enable the LogStream-Logfile in the sensor settings. This will write a CSV-File with all traffic information gathered by the sensor.

I've captured the debug data for a while and much of the traffic for this server is being allocated to other channels even though the definition is at the top of the list.

There are multiple entries in the CSV file with the same source and destination IP addresses and some of the traffic is allocated to this sensor and some to another. The data looks identical other than the size so I cannot see why this would happen.

Any ideas on how to fix this ?

It would be good then if you could send us the log-file and also some screenshots to support@paessler.com

I know this is a bit of an old topic but I've just put this here just for reference if needed. The following sensor 'Channel Defintions' worked for me and I have created 2 different Custom Packet Sniffer sensors for the same LAN so that I can easily identify which devices on my LAN are using the most internet bandwidth for either uploads or downloads at any given time:

#3010:Server upload
(Protocol[TCP] OR Protocol[UDP]) and (SourceIP[192.168.8.10])

#3011:Server download
(Protocol[TCP] OR Protocol[UDP]) and (DestinationIP[192.168.8.10])