When reading my reports I have traffic that is classified as "various". Is tehre a way to find out exactly what type of traffic is various? (such as citrix traffic or something els?)
I have a screenshot I can send you but cant paste it into this window.
Article Comments
Dear tprice,
for flow and Packet Sniffer sensors you can set up "channels". The traffic is divided into the different channels, according to the kind of traffic.
In the standard sensors, the "various" channel counts all TCP and UDP traffic that is not "catched" by the other channels (Chat, File Transfer, Infrastructure, Mail, NetBIOS, Remote Control, Web).
In order to further break down this traffic you can set enhanced channel definitions using a NetFlow, sFlow, jFlow, or Packet Sniffer Custom sensor.
For details, please see Can I add custom channels to standard Packet Sniffer and NetFlow sensors?
Feb, 2013 - Permalink
Dear tprice,
for flow and Packet Sniffer sensors you can set up "channels". The traffic is divided into the different channels, according to the kind of traffic.
In the standard sensors, the "various" channel counts all TCP and UDP traffic that is not "catched" by the other channels (Chat, File Transfer, Infrastructure, Mail, NetBIOS, Remote Control, Web).
In order to further break down this traffic you can set enhanced channel definitions using a NetFlow, sFlow, jFlow, or Packet Sniffer Custom sensor.
For details, please see Can I add custom channels to standard Packet Sniffer and NetFlow sensors?
Feb, 2013 - Permalink