Graphing

Graphs are the bread and butter of analysis, and one of the best ways to get an overview of a data set. Wireshark includes a few different graphing features to assist in understanding capture data, the first of which is its IO graphing capabilities.

Viewing IO Graphs

download-fast.pcap

download-slow.pcap

Wireshark’s IO Graphs window allows you to graph the throughput of data on a network. You can use such graphs to find spikes and lulls in data throughput, discover performance lags in individual protocols, and to compare simultaneous data streams.

To view an example of the IO graph of a computer as it downloads a file from the Internet, open download-fast.pcap. Click any TCP packet to highlight it, and then select Statistics ▸ IO Graphs.

Get Practical Packet Analysis, 2nd Edition now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

Practical Packet Analysis, 2nd Edition by

Graphing

Viewing IO Graphs

Don’t leave empty-handed

It’s yours, free.

Check it out now on O’Reilly