UDP Flow Monitor

UDP Flow Monitor

IO Ninja also includes the UDP Flow Analyzer layer plugin. This layer can be attached on top of Pcap Sniffer or Ethernet Tap to post-process captured packets and convert those into the high-level data flow representation.

The UDP Flow Monitor plugin allows you to concentrate on the data exchange between the UDP nodes, without digging into the details hidden deep down the protocol stack. For example, some UDP/IP datagrams may be fragmented, so the payload in raw packets will not be the same as payload seen by the application. It also means that filtering by UDP port number on raw packets is unreliable.

The UDP Flow Monitor plugin takes care of these low-level details and provides you with a clean log of UDP conversation just like the one produced by UDP Socket plugin. You can also filter the log of UDP datagrams using the address (or just UDP port).

Under the hood, the UDP Flow Monitor plugin is powered by libpcap, an industry-standard open-source cross-platform packet capture technology.