Welcome to the Linux Foundation Forum!

Network monitoring software

Hi everybody.

I need software to let me monitor network usage by "application" at the very first step. I took a look at Wireshark but it doesn't seem to simply tell me the application name.

Any help is appreciated.

Thanks ;)

Comments

  • mfillpot
    mfillpot Posts: 2,177
    The packets will not necessarily tell you what application they are using. Your best bet would be to monitor the destination ports of all the network traffic and relate them to applications that are used within your network. The best reference for service names is /etc/services. As for pulling the network traffic, you can use Snort and pipe the captured data into MySQL for analysis. You can also check out EtherApe for a real-time visual snapshot of the network traffic.
  • atreyu
    atreyu Posts: 216
    Are you talking about monitoring services on your local machine (be it server, workstation, etc.)? If so, then a simple
    netstat
    
    will tell you quite a bit, although it is not a GUI and not very pretty.
    Likewise, this will give you lots of output, but in a terminal:
    tcpdump -i [ethN]
    

    The lsof command also works with network services, e.g.:
    lsof -i4
    
    just lists currently running processes that are using IPv4.

    TIP: if you know what port something is listening on/talking on, you can look it up in /etc/services and sometimes get a description for that service, according to the IANA anyway.

    For GUI tools (neither of which I have tried in some time), you can check out Nagios and Cacti. I don't know how app-centric they are, but they're definitely intended to monitor network traffic.

    hth
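
Added example, not part of the original thread: a shell function that combines the two suggestions above by reading `lsof -i4` output (with lsof's `-n -P` flags so addresses and ports stay numeric) and labelling each process's port with its `/etc/services` name. The function name `per_app_ports`, the sample data and the server-side heuristic are assumptions made for this illustration; the port-to-name mapping is only the registered convention, not proof of what the process is doing.

```sh
# Constructed sample in /etc/services format: "name port/proto".
sample_services() {
cat <<'EOF'
ssh      22/tcp
domain   53/udp
https    443/tcp   # constructed entry
EOF
}
# Constructed sample of `lsof -i4 -n -P` output (documentation addresses).
sample_lsof() {
cat <<'EOF'
COMMAND  PID USER  FD  TYPE DEVICE SIZE/OFF NODE NAME
sshd     812 root  3u  IPv4 18230  0t0      TCP  *:22 (LISTEN)
sshd     900 root  4u  IPv4 18400  0t0      TCP  192.0.2.10:22->203.0.113.77:53122 (ESTABLISHED)
firefox 2301 alice 54u IPv4 40112  0t0      TCP  192.0.2.10:51234->198.51.100.7:443 (ESTABLISHED)
firefox 2301 alice 61u IPv4 40150  0t0      TCP  192.0.2.10:51240->198.51.100.9:443 (ESTABLISHED)
dnsmasq  640 nobody 4u IPv4 15002  0t0      UDP  127.0.0.1:53
backup  3100 bob   7u  IPv4 50001  0t0      TCP  192.0.2.10:40000->203.0.113.5:8443 (ESTABLISHED)
EOF
}
# usage: lsof -i4 -n -P | per_app_ports /etc/services
# Prints "command proto port service count", sorted, one line per combination.
per_app_ports() {
  awk -v svc="$1" '
    BEGIN {                                   # load the port/proto -> name table
      while ((getline line < svc) > 0) {
        sub(/#.*/, "", line)                  # drop trailing comments
        if (split(line, f) >= 2) name[f[2]] = f[1]
      }
    }
    $1 == "COMMAND" { next }                  # skip the lsof header row
    {
      proto = tolower($8)                     # NODE column holds TCP or UDP
      n = split($9, e, "->")                  # NAME is local or local->remote
      port = e[n]; sub(/^.*:/, "", port)      # remote end, or the only end
      loc = e[1]; sub(/^.*:/, "", loc)
      rk = port "/" proto; lk = loc "/" proto
      # Heuristic: unknown remote port plus known local port means we are the server.
      if (!(rk in name) && (lk in name)) port = loc
      count[$1 " " proto " " port]++
    }
    END {
      for (k in count) {
        split(k, p, " ")
        key = p[3] "/" p[2]
        print k, ((key in name) ? name[key] : "unknown"), count[k]
      }
    }' | sort
}
# Demo on the constructed samples above.
tmp=$(mktemp) && sample_services > "$tmp" && sample_lsof | per_app_ports "$tmp"; rm -f "$tmp"
```

Rows that come out as `unknown`, like the constructed `backup` connection to port 8443, are the ones worth checking by hand against the PID column of the raw lsof output.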
