Omnipeek Getting Started Guide
Welcome to Omnipeek, the network analyzer and software console for distributed network analysis from LiveAction!
Using Omnipeek with Capture Engines
As a software console for Capture Engines, Omnipeek can also manage and interact with an unlimited number of Capture Engines performing independent capture and analysis at any location across the network.Omnipeek allows network engineers to troubleshoot problems and perform statistical analysis on remote segments from a single location, as shown in the diagram above. A single Capture Engine can also link to multiple installations of Omnipeek, allowing simultaneous connection and collaboration, as shown below.The separately purchased Capture Engines have no user interface of their own. Capture engines rely on Omnipeek to provide a user interface through the Capture Engines window. For more information, see Using Omnipeek with Capture Engines. See also the Capture Engine for Omnipeek Getting Started Guide that ships with the product or the online help in the Capture Engine Manager application.
The Capture Window
Capture windows are the main interface for presenting traffic analysis information about your network. Omnipeek lets you create capture windows for local captures, as well as remotely from multiple interfaces to an unlimited number of distributed Capture Engines.
You can create multiple configurable capture windows, each with its own selected adapter and its own capture settings. The number of capture windows you can have open at one time is limited only by the amount of available system resources.
When configuring a capture window’s capture settings, keep in mind that the window’s capture performance can be directly related to the number and type of capture options that you have enabled. For example, enabling more options may give you more data, but may come at the price of a greater likelihood of not capturing all the data.
The things that determine how much data (and therefore how many capture options) a capture can handle is determined by the system memory and CPU power of the Omnipeek or Capture Engine computer, the amount and kind of data that is being captured, and the number of capture options and analysis modules that are enabled. Enabling capture options, such as Capture to disk, Expert Analysis, and Graphs; and enabling an analysis module such as VoIP Analysis consumes much more machine resources than others.
Creating an Omnipeek capture
To create an Omnipeek capture:
1. Do one of the following to start a new capture:
• Click New Capture on the Start Page
• On the File menu, click New Capture…
The General options of the Omnipeek Capture Options dialog appear.
Network forensics is the retrospective analysis of network traffic for the purpose of conducting an investigation. You can use Omnipeek and the Capture Engines to capture, store, and data mine large volumes of traffic data in order to investigate items such as network problems, security attacks, HR policy violations, and more.
Network forensics is the retrospective analysis of network traffic for the purpose of conducting an investigation. You can use Omnipeek to capture, store, and data mine large volumes of traffic data in order to investigate items such as network problems, security attacks, HR policy violations, and more. From the Capture Engine window, you can perform network forensics analysis from the Files or Forensics tab of a connected Capture Engine. See Forensic search from the Files tab and Forensic search from the Forensics tab. NOTE: You can also perform forensic analysis directly from a ‘Forensics Capture’ window. See
Voice and video over IP analysis
To analyze 10 Gigabit, Gigabit, or wireless traffic, a supported network analyzer card (e.g., LiveAction capture adapters) or wireless LAN adapter is required for Omnipeek. For the most recent information on network adapter cards and drivers, please visit https://www.liveaction.com/products/. For information on configuring wireless channels and security, and Gigabit hardware profiles, in Omnipeek and the Capture Engines, please refer to the Omnipeek User Guide or online help.
To start Omnipeek: