Graph View
Packet Safari allows exploring your trace in a graph.
Packet Safari graph view gives you many benefits:
- ⚡️ Concise units. Choose human readable units.
- ⚡️ Better Insight. Immediately spot certain connections.
- ⚡️ Visualize throughput. Visualize throughput and packets per second.
- ⚡️ Anomaly detection. Detect anomalies like retransmissions.
The default graph view shows the packets over time.
You can adapt the graph further, filter it and aggregate values. The following graph shows:
- the throughput of all packets (black)
- the throughput of ICMP packets (yellow,
ip.proto == 1) - the number of retransmissions (
tcp.analysis.retransmissionaggregated with sum)
The units on the Y axis may also be different.
You can further zoom into the graph using the mouse and/or changing the base time unit. In this example we see packets on the millisecond scale.
⚠️ Note that sometimes the selected scale might result in too many data points being displayed. In this case we automatically adapt the time scale to a sane value.
Predefined graphs
There are a few context sensitive predefined graphs. They are context sensitive about the currently selected packet in the packet list.
These are useful to look at common analysis scenarios
Graph Presets
Similar to the predefined graphs, presets allow to load configurations for common analysis scenarios. These are howver not context sensitive (they don't take the connection information of the currently selected packet into account).
One axis vs multiple axis
Depending on the data unites plotted it might be more apt to plot just a single axis or multiple axes.
