IP and traffic reconciliation tool networktrafficview

Bandwidth is only 1Mbps, It's useless at ordinary times , Hold a small forum , Take some study notes , Few people visited , But sometimes the bandwidth is full , I don't know what request caused the traffic to be full . How to record traffic data for a period of time ？

Run this software to check the traffic https://www.nirsoft.net/utils/network_traffic_view.html

Small software 、 All test items , You can sort by sub items , For example, I press Status、Total Data Size The sorting is as shown in the figure above

Specific port 、IP、 Data volume 、 The speed can be seen clearly , If you don't monitor, just click the stop button on the upper left

You can set automatic every xx Seconds to export network traffic information to a file （csv / tab- Delimit / html / xml） The option to （ stay “ Advanced options ” Window ）, It is convenient to reconcile the flow

Software menu items Options→Advanced Options

Pictured above , Set the absolute path for the exported file ,30 Seconds a file , Check , Finally, there will be many small files , Put these csv Put the files in a folder , Execute commands to merge into one csv

copy C:\Users\HASEE\Downloads\networktrafficview-x64\*.csv C:\all.csv

Merge into one csv after , use Excel open , Delete duplicate lines after opening , Then you can press IP、 agreement 、 port 、 Filter and analyze the time period .

notes ： This software is dependent on winpcap To get the traffic

But inside Tencent cloud safe Mirror image （ The monitoring and security components for Tencent's self-developed business are installed ） install winpcap Wrong report , because safe The mirrored onion component comes with winpcap, Result in separate installation winpcap You can't install it

【 Onion service 】

C:\Program Files (x86)\WinAgent\

service name： winagent

display name：Tencent WinAgent

4.1.3 This version ：The last official WinPcap release was 4.1.3 （ The last version of the official website ）

win7/win8.1/win10/2016/2019/2012R2/2008R2/ Can be used winpcap 4.1.3

https://www.winpcap.org/install/bin/WinPcap_4_1_3.exe

wireshark Suggest using 2.6.20 This version （winpcap The last of the edition wireshark edition , new edition wireshark yes npcap Version of ）

Full version wireshark Official download address ：https://2.na.dl.wireshark.org/win64/all-versions/

Open it and search 2.6. Just find the last version , Before 2.6. The last version of is 2.6.19, Recently found an update , yes 2.6.20

I am here 4 Kind of windows safe Mirror image (2008R2/2012R2/2016/2019) It is verified on , This method can solve the problem of onion winpcap Interference caused by installation

Administrator status cmd The command line runs this 3 Sentence before installing winpcap You can install , then network_traffic_view You can use it winpcap Get traffic

sc stop winagent

cd c:\windows\system32\drivers\

ren npf.sys npf.sys.bak

Then run as Administrator winpcap Install the file to complete the installation , Install well winpcap after , You can use NetworkTrafficView 了