Packets [Total/In/Out]
The number of packets received by the Impacted Host (in), sent by the Impacted Host (out), or captured in either direction (total). Often stored in all three fields.
Data Type
Double
Aliases
| Use | Alias |
|---|---|
| Client Console Full Name | Host (Impacted) Packets Rcvd, Host (Impacted) Packets Sent, Host (Impacted) Packets Total |
| Client Console Short Name | Not applicable |
| Web Console Tab/Name | Host (Impacted) Packets Rcvd, Host (Impacted) Packets Sent, Host (Impacted) Packets Total |
| Elasticsearch Field Name | itemsPacketsIn, itemsPacketsOut, impactedHostTotalPackets |
| Rule Builder Column Name | PacketsIn, PacketsOut |
| Regex Pattern | <packetsin>, <packetsout>, <packets> |
| NetMon Name | TotalPackets |
Field Relationships
- Packets In/Out
- Items In/Out
Common Applications
Network traffic analysis.
Use Case
- Evaluating how much network traffic a given application generates.
- Measuring average packet size as an indicator of protocol abuse.
MPE/Data Masking Manipulations
Conversion to In/Out.
Usage Standards
Capture total packets if possible.
Examples
- Tectia SSH server
84540711 | 8/8/2013 1:40:01 AM | None | N/A | USABLDRRECFLOW01| Information | 0 | SSH Tectia Server | 1300 Channel inbound statistics, Username: uninitialized, Session-Id: 29936, Channel Id: 0, Packet count: 15, Packet size: 127
In this log, Packet count should be parsed into Packets.
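
The mapping described above, as an added Python example (not an MPE rule and not code from the product): it pulls the key/value pairs out of the Tectia message and stores Packet count as a Double in a `packets` key. The function name `parse_tectia_packets`, the key/value regex, and the second sample line are assumptions made for illustration.

```python
import re

# Log line copied from the Examples section above.
SAMPLE = (
    "84540711 | 8/8/2013 1:40:01 AM | None | N/A | USABLDRRECFLOW01| Information "
    "| 0 | SSH Tectia Server | 1300 Channel inbound statistics, Username: "
    "uninitialized, Session-Id: 29936, Channel Id: 0, Packet count: 15, "
    "Packet size: 127"
)
# Constructed line with no packet count, to exercise the no-match path.
NO_COUNT = (
    "84540712 | 8/8/2013 1:40:02 AM | None | N/A | USABLDRRECFLOW01| Information "
    "| 0 | SSH Tectia Server | 1300 Channel inbound statistics, Username: "
    "uninitialized, Session-Id: 29936, Channel Id: 0"
)

# "Key: value" pairs separated by commas inside the message text.
KEY_VALUE = re.compile(r"(?P<key>[A-Za-z][A-Za-z -]*?):\s*(?P<value>[^,]+)")


def parse_tectia_packets(line):
    """Return parsed fields for a channel statistics line, or None if no count."""
    # The message is the text after the last pipe; earlier columns
    # (including the timestamp, which contains colons) are ignored.
    message = line.rsplit("|", 1)[-1].strip()
    pairs = {m["key"].strip(): m["value"].strip()
             for m in KEY_VALUE.finditer(message)}
    count = pairs.get("Packet count")
    if count is None or not count.isdigit():
        return None  # leave Packets empty rather than guess a value
    return {
        "packets": float(count),  # the schema data type is Double
        "session_id": pairs.get("Session-Id"),
        "username": pairs.get("Username"),
    }


if __name__ == "__main__":
    print(parse_tectia_packets(SAMPLE))
    print(parse_tectia_packets(NO_COUNT))
```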