Key differences between packet capture and real time stream analysis

Network administrators rely on network traffic analysis to troubleshoot complex problems, and performance degradations in particular. The usefulness of network analysis solutions is obvious to all of them.

The main question raised by most network teams is how fast they can get to the root cause and which tools can really help them.


The 2 approaches to network analysis

We see two main approaches to network traffic analysis: 

  • Packet capture (also designated as sniffer, analyser, stream to disk, network recorder):
    • Main steps:
      1. capture packets,
      2. store packets on a disk,
      3. extract a tracefile and
      4. analyse it with a software analyser
    • Most common solution: Wireshark
  • Real time stream analysis (also designated as Wire Data performance analytics)
    • Main steps:
      1. analyse packets in real time,
      2. store analytics extracted from the packets,
      3. conduct the analysis based on these KPIs. 

You may also be interested in this article: "Understand the 6 reasons which drive your approach to network analysis."

Packet capture: the traditional network performance approach

How legacy traffic capture works

Real Time Stream Analysis 


Both approaches have advantages and drawbacks. 

We have summarised the challenges that should guide the choice between packet capture and stream analysis, and the operational impacts of each, in this performance troubleshooting guide: From Trace file analysis to Real Time Stream Analysis


Posted by Boris Rogier on 03 August 2016