Home
Contents

LAN Analyzer and Protocol Decoder - CommView

Prev Page Next Page
 
Introduction
About CommView
What's New
Using the Program
Overview
Selecting Network Interface for Monitoring
Latest IP Connections
Packets
Logging
Viewing Logs
Rules
Advanced Rules
Alarms
Reconstructing TCP Sessions
Reconstructing UDP Streams
Searching Packets
Statistics and Reports
Using Aliases
Packet Generator
Visual Packet Builder
NIC Vendor Identifier
Scheduler
Using Remote Agent
Using RPCAP
Capturing Loopback Traffic
Port Reference
Setting Options
Frequently Asked Questions
VoIP Analysis
Introduction
Working with VoIP Analyzer
SIP and H.323 Sessions
RTP Streams
Registrations
Endpoints
Errors
Call Logging
Reports
Call Playback
Viewing VoIP Logs
Working with Lists in VoIP Analyzer
NVF Files
Advanced Topics
Capturing High Volume Traffic
Working with Multiple Instances
Running CommView in Invisible Mode
Command Line Parameters
Exchanging Data with Your Application
Custom Decoding
CommView Log Files Format
Sales and Support

Viewing Logs

Log Viewer is a tool for viewing and exploring capture files created by CommView and several other packet analyzers. It has the functionality of the Packets tab of the main program window, but unlike the Packets tab, Log Viewer displays packets loaded from the files on the disk rather than the packets captured in real time.

To open Log Viewer, click File => Log Viewer in the program's main menu, or just double-click on any CommView capture file that you have previously saved. You can open as many Log Viewer windows as you wish, and each of them can be used for exploring one or several capture files.

Log Viewer can be used for exploring capture files created by other packet analyzers and personal firewalls. The current version can import files in the Network Instruments Observer®, Network General Sniffer® for DOS/Windows, Microsoft® NetMon, WildPackets EtherPeek™ and AiroPeek™, Wireshark/Tcpdump, and Wireshark/pcapng formats. These formats are also used by a number of 3rd-party applications. Log Viewer is capable of exporting packet data by creating files in the Network Instruments Observer®, Network General Sniffer® for DOS/Windows, Microsoft® NetMon, WildPackets EtherPeek™ and AiroPeek™, Wireshark/Tcpdump, and Wireshark/pcapng formats, as well as the native CommView format.

Using Log Viewer is similar to using the Packets tab of the main window; please refer to the Packets chapter if you need detailed information.

Log Viewer Menu

File

Load CommView Logs – opens and loads one or several CommView capture files.

Import Logs – allows you to import capture files created by other packet analyzers.

Export Logs – allows you to export the displayed packets to capture files in several formats.

Clear Window – clears the packet list.

Generate Statistics – makes CommView generate statistics on the packets loaded in Log Viewer. Optionally, it is possible to reset previously collected statistical data displayed in the Statistics window. Please note that this function will not show packet distribution along the timeline. It is limited to displaying totals, protocol charts, and LAN hosts tables.

Send to VoIP Analyzer – sends all packets from the current Log Viewer window to a new VoIP Log Viewer window for VoIP-specific analysis.

Close Window – closes the window.

Search

Find Packet – shows a dialog that allows you to find packets matching a specific text.

Go to Packet Number - shows a dialog that allows you to jump to a packet with the specified number.

Rules

Apply – applies your current rule set to the packets displayed in Log Viewer. As a result, when you use this command the program will delete the packets that don't match the current rule set. Note that this won't modify the file on the disk.

From File… - does the same as the Apply command, but allows you to use a rule set from a previously saved .RLS file rather than the current rule set.