The Expert features in Omnipeek and the Capture Engines provide real-time analysis of response time, throughput, and a wide variety of network events and potential problems in a flow-centered view of traffic in a capture window. You can also link end-user satisfaction with the performance of a network application through the Application Performance Index (Apdex), an open standard that defines methods for reporting application performance. See Applications view below.
The Expert EventFinder detects nearly 200 different network events and provides descriptions, possible causes, and possible remedies organized by OSI layer. Depending on your version of the program, network events specifically related to VoIP, Wireless, WAN, and user-defined Network Policy items are also shown. See Using the EventFinder below.
The Expert View Window
The Expert Clients/Servers view makes it easy to track events and to see them in the context of peer-to-peer or client-server traffic patterns.
To display events in the Expert Clients/Servers view:
- Select Clients/Servers under Expert in the navigation bar of a capture
window.
Pairs of nodes are displayed at the top level, individual conversations (flows) underneath them, and individual events nested under each flow. Color coded traffic indicator lights show whether or not packets were received in the last few seconds:
- green (active)
- light green (inactive)
Smaller LED lights appear to the right of the traffic indicators when an event has been detected:
- A red LED indicates one or more events whose severity is Major or Severe.
- A yellow LED indicates one or more events whose severity is Informational or Minor.
- Right-click in the upper pane to collapse or expand the hierarchy to display the most relevant information. When expanded, Expert events are displayed by ports. Ports are shown with directional arrows.
Using the EventFinder
You can view more details about individual network events in the Expert EventFinder Settings dialog.
To open the Expert EventFinder Settings window:
- Right-click in the Clients/Servers view and select Expand All.
- Select an individual expert event from the expanded Clients/Servers view.
- Click EventFinder Settings. The Expert EventFinder Settings window appears with
this expert event highlighted, as shown below: Tip: You can also right-click an event inside the Event Summary or Event Log tab and select EventFinder Settings to display the Expert EventFinder Settings window.
- Click Show Info to see a complete description, possible causes, and possible remedies for this network event.
The Expert EventFinder Settings window also provides information on what sensitivity or setting value was used to flag this event as significant. You can configure the value, threshold, and memory settings for each individual expert event in the EventFinder window. You can also save these settings by exporting them to a file and importing them later into another capture.
Applications View
The Expert Applications view categorizes each flow by application. Flows are grouped together by application, providing a hierarchical view of the use of each application, first by server, then by client, and then by port. This view allows you to see who is using each application on your network and how each application is performing.
To display the Applications view:
- Select Applications under Expert in the navigation bar of a capture window.