Ask Your Question
0

Get CPU and Memory usage of a Wireshark Capture

asked 2018-06-18 01:40:09 +0000

TopCr gravatar image

Anyone knows how can i get CPU and Memory usage by a network interface (WiFi or Ethernet) in specific packet interval of a Wireshark Capture?

I need something that give me a metric over millisecond since the packet interval that I'm interesting lasts for almost 60 milliseconds.

I tried use TOP command over the Network-Manager process in millisecond interval, but the values didn't appear to be good, and I'm not sure either if these is the correct way to make this.

I'm Interesting on packet 1 to 13 interval of this capture:

https://i.stack.imgur.com/X6RSq.png

edit retag flag offensive close merge delete

1 Answer

Sort by ยป oldest newest most voted
1

answered 2018-06-18 07:32:49 +0000

Guy Harris gravatar image

Anyone knows how can i get CPU and Memory usage by a network interface (WiFi or Ethernet) in specific packet interval of a Wireshark Capture?

Wireshark captures packets; it doesn't measure CPU or memory usage of any sort on the host.

I tried use TOP command over the Network-Manager process in millisecond interval, but the values didn't appear to be good, and I'm not sure either if these is the correct way to make this.

It's not. If you're referring to NetworkManager on Linux, it manages the configuration of network interfaces, but it's not involved in the processing of packets.

I'm not sure there's any tool that can do a measurement of the CPU or memory use by a particular network interface, either at the driver level or at the level of the entire networking stack, especially over such a short period of time.

edit flag offensive delete link more

Comments

First of all Thanks for the attention.

I know that Wireshark can help me just with time used on the capture and bandwidth. I still use it because of "time of the day" field on the frame that can help me with approximately time to monitoring.

About Network-Manager. I think you are Right and i realize this after get the values that make any sense. i thought that was the right way because of the useful information about the authentication on this log.

I found some papers that people make this type of metrics in some captures even smaller like 4-way-handshaking that is only 4 specific frames lasting for 6 to 8 milliseconds. The problem is that nobody explain how they get this metrics.

TopCr gravatar imageTopCr ( 2018-06-18 17:02:16 +0000 )edit

I found some papers that people make this type of metrics in some captures even smaller like 4-way-handshaking that is only 4 specific frames lasting for 6 to 8 milliseconds. The problem is that nobody explain how they get this metrics.

Do you have reference to some of those papers, e.g. URLs for them, so we can see what those metrics are and try to figure out how they obtain them?

Guy Harris gravatar imageGuy Harris ( 2018-06-18 20:12:33 +0000 )edit

Guy Harris. What do you think about monitoring the WPA_SUPPLICANT process? I check the log, it show many information about the auth process, but I'm not sure if its the same case of Network-Manager

TopCr gravatar imageTopCr ( 2018-06-19 21:46:21 +0000 )edit

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account.

Add Answer

Question Tools

1 follower

Stats

Asked: 2018-06-18 01:40:09 +0000

Seen: 56 times

Last updated: Jun 18