Number of packets received by Impacted Host (in) or sent by Impacted Host (out) or captured in either direction (total). Often stored in all three fields.
Data Type
Double
Aliases
| Use | Alias |
|---|---|
| Client Console Full Name | Host (Impacted) Packets Rcvd, Host (Impacted) Packets Sent, Host (Impacted) Packets Total |
| Client Console Short Name | Not applicable |
| Web Console Tab/Name | Host (Impacted) Packets Rcvd, Host (Impacted) Packets Sent, Host (Impacted) Packets Total |
| Elasticsearch Field Name | itemsPacketsIn, itemsPacketsOut, impactedHostTotalPackets |
| Rule Builder Column Name | PacketsIn, PacketsOut |
| Regex Pattern | <packetsin>, <packetsout>, <packets> |
| NetMon Name | TotalPackets |
Field Relationships
- Packets In/Out
- Items In/Out
Common Applications
Network traffic analysis.
Use Case
- Evaluating how much network traffic a given application generates.
- Measuring average packet size as an indicator of protocol abuse.
MPE/Data Masking Manipulations
Conversion to In/Out.
Usage Standards
Capture total packets if possible.
Examples
- Tectia SSH server
84540711 | 8/8/2013 1:40:01 AM | None | N/A | USABLDRRECFLOW01| Information | 0 | SSH Tectia Server | 1300 Channel inbound statistics, Username: uninitialized, Session-Id: 29936, Channel Id: 0, Packet count: 15, Packet size: 127
Packet count should be Packets.
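The mapping above as a parser, added here as an illustration and not taken from the product's own rule set. Python named groups stand in for the `<packets>` tag; the function name and the `direction`, `session` and `size` group names are assumptions, and the second sample line is constructed.

```python
import re

# Python's (?P<name>...) syntax stands in for the page's <packets> tag.
# The direction, session and size group names are assumptions for this example.
CHANNEL_STATS = re.compile(
    r"Channel (?P<direction>\w+) statistics,"
    r".*?Session-Id: (?P<session>\d+),"
    r".*?Packet count: (?P<packets>\d+),"
    r"\s*Packet size: (?P<size>\d+)"
)

# Log line from the page's example.
PAGE_SAMPLE = (
    "84540711 | 8/8/2013 1:40:01 AM | None | N/A | USABLDRRECFLOW01| "
    "Information | 0 | SSH Tectia Server | 1300 Channel inbound statistics, "
    "Username: uninitialized, Session-Id: 29936, Channel Id: 0, "
    "Packet count: 15, Packet size: 127"
)

# Constructed line with no packet count, to show the non-matching path.
NO_COUNT_SAMPLE = (
    "84540712 | 8/8/2013 1:40:02 AM | None | N/A | USABLDRRECFLOW01| "
    "Information | 0 | SSH Tectia Server | 1300 Channel inbound statistics, "
    "Username: uninitialized, Session-Id: 29936, Channel Id: 0"
)


def parse_channel_stats(line):
    """Return the parsed fields of a channel statistics line, or None."""
    match = CHANNEL_STATS.search(line)
    if match is None:
        # No packet count present: leave the Packets field unpopulated
        # rather than guessing a value.
        return None
    return {
        "direction": match.group("direction"),
        "session": int(match.group("session")),
        # "Packet count" is stored as Packets; the field's data type is Double.
        "packets": float(match.group("packets")),
        "packet_size": int(match.group("size")),
    }


if __name__ == "__main__":
    print(parse_channel_stats(PAGE_SAMPLE))
    print(parse_channel_stats(NO_COUNT_SAMPLE))
```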