2 questions about issues with monitoring and dashboard
I am going through the SNSA training program and have made some small changes on our NSa2650 to help me understand how the system works by monitoring the packets and using a trace to view them. I have a basic "wrap capture buffer" monitor going so I can refer to something if I have complaints about the network. I started the capture last Friday, and Monday morning our dashboard multi-core view was showing a much heavier load than normal. It was showing around 50% usage and normally it shows 1-3%, so the SNSA wanted the capture stopped. Right now it shows normal with it running, but I am wondering why it starts using resources after the buffer is full.
My 2nd question: the dashboard view shows connections; what connections do these represent? I normally show 200-400, but if I open a web-based Yahoo mail session it will show 500-600 connections and slowly return back to the normal range. Am I reading this correctly? Is this normal? I have tried it a few times to be sure it was my doing, and every time I open a Yahoo mail page it shoots the connections up to over 500.
Thanks in advance for any help or documentation you can provide. 😎
Best Answer
BWC Cybersecurity Overlord ✭✭✭
Hi @ChrisR
I cannot tell you in that specific case why the CPU load went up on your NSa over time, but the rule of thumb is to run the packet monitor only for the time needed; maybe logging to FTP is better for "long-term". Packet Monitor usually causes some extra load, and probably in the wrap situation it's heavier because it has to reorganize the buffer somehow.
Connections on a web page can rise rapidly because of the huge amount of resources that probably got loaded. For comparison, open the developer tools of your browser and see how many connections are getting created; this should reflect somehow what you're seeing in the connections on your NSa.
Connections will stick there until they get a FIN or RST.
--Michael@BWC
6
Answers
Did I place this in the wrong section?
Awesome @Michael. I started monitoring because the SNSA test questions say logging should be done at all times, but the output isn't very useful from what I am seeing. Most of the time I get "Did you see an issue at X:XXPM?" It really only shows if a packet was dropped or made it, so I am still trying to find a better tool to monitor the connection to the ISP.
Thanks again for the help!