USB Monitor

Go To Product Page

USB plays a crucial role in modern computing, enabling data transfer and interaction between various devices and applications. USB Monitor allows users to capture and inspect low-level USB interactions initiated by other applications on their PC. This capability is essential for tasks such as debugging USB device behavior, reverse-engineering vendor-specific USB protocols, and developing custom USB devices and drivers.

Basic Setup

  1. Ensure USBPcap is installed if you are on Windows, or that usbmon is enabled if you are on Linux.

Note

On Windows, USB Monitor requires the USBPcap capture driver. USBPcap is bundled with the full IO Ninja .msi installers, so if you installed IO Ninja this way, you are set. However, if you installed IO Ninja from a core .msi installer or a portable .7z package, you must install USBPcap from its official website manually.

On Linux, USB Monitor depends on usbmon, therefore you need to manually enable it to use the plugin.

  1. In IO Ninja, click the “New Session” dropdown and select a new “USB Monitor” session

_images/usb-monitor-new-session.png

  1. From the “Device:” dropdown menu, select the USB device you want to monitor.

_images/usb-monitor-getting-started-2.png

  1. Click the “Capture” button, to the right of the device selection dropdown.

_images/serial-mon-capture.png

  1. Analyze the log as USB traffic is intercepted.

_images/usb-monitor-getting-started-4.png

  1. Adjust settings as needed via the “Settings” button (see “Settings” section below for details)

Settings

_images/usb-monitor-settings.png

Setting

Description

Default

Device

The USB device to be monitored.
Snapshot size
(Windows-only)

The maximum size of a USB packet that can captured by the USBPcap driver.

65536

Kernel buffer size

Specify the kernel buffer size (the amount of memory allocated in the kernel for storing captured packets before they are processed).

1MB

Read block size (B)

The size of each individual read block submitted to the underlying transport.

4KB

RX buffer size (B)

The full size of the incoming data (RX) buffer. Affects read throughput.

16KB

RX buffer full notifications

Toggle warnings in log about the incoming data (RX) buffer getting full.

off

FAQ (Frequently Asked Questions)

1. Why are no devices listed in the dropdown menu?

If the device list is empty, it’s likely due to USBPcap (on Windows) or usbmon (on Linux) not being properly installed or initialized. Ensure that you have installed USBPcap or usbmon correctly and, importantly, that you’ve rebooted your system after installation. Without a reboot, the necessary drivers may not be fully operational, leading to empty device enumerations.