Capturing packets with the GigaStor
The GigaStor allows packet captures to be scheduled, trimmed (partial packet captures), and all its data can be exported for archiving. Also learn about GigaStor indexing and the difference between statistics and packets.
A GigaStor can accumulate terabytes of stored network traffic. To manage the sheer volume of data, the GigaStor probe indexes the data. You use the GigaStor Control Panel within Observer to manage the capture, indexing, and storage of large numbers of packets over long periods of time. While the GigaStor Control Panel is active, standard packet captures are unavailable for that probe instance. You cannot run the two types of captures simultaneously.
While actively capturing packets, the GigaStor Control Panel tracks network statistics and indexes them by time as it saves the packets to disk. This allows you to quickly scan the traffic for interesting activity and create filters to focus on specific traffic using the slider controls and constraint options.
The GigaStor Control Panel also automates storage management by deleting the oldest data before storage runs out. This maintains a multi-terabyte “sliding windows” of time within which you can review and decode traffic. It also allows for passive (in other words, virtual) probe instances, which allow users to have their own instances (and security credentials) without duplicating data collection or storage.
You can view the sliding window as a time line chart. Depending on what constraint are in effect and your display options determine what appears on the chart. By using time selection sliders and other options, you can quickly acquire and analyze the packets by clicking the Analyze button. This opens the standard packet decode and analysis window. From there you can view packets, save them, and perform further filtering if desired.