First time here? Check out the FAQ!
THIS IS A TEST INSTANCE. Feel free to ask and answer questions, but take care to avoid triggering too many notifications.
Ask Your Question
0

Big traces: how to jump from a message in the call flow to the same message in the trace

Hi there,

I often have to analyse traces with hundreds or even thousands of messages. Sometimes I have to treat traces with more than a million messages. There manual manoeuvring with up and down keys becomes time-consuming and clicking above or below the current location is not fine enough anymore. MacBook Pro does not offer 'page up' or 'page down' functionality on their keyboards. It is well known to everybody how to jump from a message in the call flow to the same message in the trace just by clicking on it in the call flow. The message in question in the trace is located and high-lighted. But, is there also a possibility to do it the other way around from trace to the call flow, i.e. not the manual way by searching the time stamp in the call flow ?

-m's avatar
1
-m
asked 2019-11-20 08:59:10 +0000
edit flag offensive 0 remove flag close merge delete

Comments

add a comment see more comments

1 Answer

0

Actually you can use Page Up and Page Down on Mac: use Fn + Up or Fn + Down.

First hit on search engine of your choice: http://osxdaily.com/2015/07/07/page-u...

I'd recommend that you filter your traces using display filters and perhaps even save the filtered traces to a separate file in order to speed up your analysis.

I'm not a call flow analysis expert, but is there no right-click filter functionality you can use?

Perhaps you can share a (small) capture file so we can see exactly what you're dealing with?

NJL's avatar
120
NJL
answered 2019-11-20 09:28:57 +0000, updated 2019-11-20 09:30:16 +0000
edit flag offensive 0 remove flag delete link
more

Comments

Hi NJL, Thanks for your reply. It allows me to use 'page up' and 'page down' from my MacBook Pro keypad, pressing fn + up arrow respectively fn + down arrow. Regarding filtering: unfortunately this is no option, as some SIP messages in our network exceed the normal maximum packet size of 1500 bytes. These messages get transported in fragments and Wireshark fails to re-assemble them to one message, if I filter simply on SIP. About right-click functionality: there is currently no option to jump to the message in the call-flow (Wireshark OS-X). Example of a capture file I will send later. I need to search for a good instance.

-m's avatar -m (2019-11-20 10:17:00 +0000) edit
more
  • delete
add a comment see more comments

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account. This space is reserved only for answers. If you would like to engage in a discussion, please instead post a comment under the question or an answer that you would like to discuss.

Add Answer