Review of SolarWinds Response Time Viewer for Wireshark

Key concept: this is a free tool from SolarWinds that analyzes packets captured by Wireshark®, which is also a free product.

Therefore, before you start using the SolarWinds Response Time Viewer, remember to download and install the Wireshark capture engine.

The strategy is to employ Wireshark for capturing network traffic, then export the .pcapng files so that you can analyse the data in SolarWinds Response Time Viewer.

Topics for SolarWinds Response Time Viewer

When you are troubleshooting the classic computer performance problem (is it the network, or is it the application?), a dedicated viewer helps to interpret the data captured by the packet sniffer.  For instance, you can identify network applications and calculate their response times.

How to Get Started

  1. Download and install the underlying network tool from Wireshark.
  2. Capture network packets.
  3. [Key Point] Export the capture to a location that you can access with SolarWinds Response Time Viewer.
  4. Install, then launch the SolarWinds Response Time Viewer.
  5. Browse to the captured file. 
  6. Press the 'Analyze' button.

Results from the SolarWinds Response Viewer

Once you have loaded the file that was exported from Wireshark, you are ready to scrutinize the packets in the Response Time Dashboard.  When inspecting the data, if you hover over an application such as CIFS or TCP, then you get an orange box showing a comparison of network and application response times.  This knowledge will help you answer the question, is the bottleneck due to the network or the application?

If you are more interested in the transaction volumes, they are displayed in the right-hand column.

SolarWinds and Wireshark Interaction

As I mentioned earlier, you need to download the underlying protocol analyzer from the Wireshark site before you can use SolarWinds' free viewer.  However, no review of the SolarWinds Response Time Viewer would be complete without mentioning that you can export filters with a plan to import them back into Wireshark.  To achieve this, simply highlight an application row, for example 'TCP', and click on 'Export selected…' at the very bottom right of your dashboard.

The benefit of a good filter is capturing better quality data.  Analyzing network packets can be like looking for a needle in a haystack, thus the more refined the input, the easier it is to troubleshoot your problem.

SolarWinds Response Time Viewer Video

A good way to review this free tool is to watch this YouTube clip.

Case Study – Intermittent Login Problem

Here is an example of how Wireshark captured the network packets, and SolarWinds' Response Time Viewer was able to unravel the users' login frustrations.

Users were complaining that when they tried to log in to a database application, the interface hung after they entered their username and password.  Furthermore, this problem only occurred for some users, and then only intermittently.

Thanks to an investigation of network packets in the Response Time Viewer, the I.T. consultant was able to trace the 3-way handshake; he found that in some cases the second SYN/ACK packet was missing.  Further analysis of the Wireshark captures revealed a second server on the network, a machine that the new network manager did not realise existed.  This secondary network route only kicked in during heavy user activity, hence the intermittent nature of the problem.  This login hanging was solved by investigating, and then amending, the firewall settings on the router, which connected this second server to the main network.
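The two checks described above (the network versus application response-time comparison in the dashboard, and the missing SYN/ACK in the case study) can be reproduced on exported rows. This is an added example, not part of the original review and not SolarWinds' code; it assumes IPv4 rows exported with tshark's `-T fields` option, and it treats handshake time as network response time and request-to-first-reply as application response time, which is a common approximation rather than the viewer's documented method.

```python
# Assumed export command (standard Wireshark field names, tab-separated output):
#   tshark -r capture.pcapng -Y "ip && tcp" -T fields -e frame.time_epoch \
#     -e ip.src -e tcp.srcport -e ip.dst -e tcp.dstport -e tcp.flags -e tcp.len
SYN, ACK = 0x02, 0x10

# Constructed sample rows, not taken from a real capture.
SAMPLE = "\n".join([
    "100.000\t10.0.0.5\t50001\t10.0.0.20\t1433\t0x0002\t0",    # SYN
    "100.002\t10.0.0.20\t1433\t10.0.0.5\t50001\t0x0012\t0",    # SYN/ACK
    "100.003\t10.0.0.5\t50001\t10.0.0.20\t1433\t0x0010\t0",    # ACK
    "100.010\t10.0.0.5\t50001\t10.0.0.20\t1433\t0x0018\t120",  # login request
    "100.260\t10.0.0.20\t1433\t10.0.0.5\t50001\t0x0018\t64",   # server reply
    "101.000\t10.0.0.7\t50002\t10.0.0.20\t1433\t0x0002\t0",    # SYN, unanswered
    "102.000\t10.0.0.7\t50002\t10.0.0.20\t1433\t0x0002\t0",    # retransmitted SYN
])

def analyze(text):
    """Return {(client, cport, server, sport): stats}, keyed by the SYN sender."""
    conns = {}
    for line in text.splitlines():
        ts, src, sp, dst, dp, flags, length = line.split("\t")
        ts, flags, length = float(ts), int(flags, 16), int(length)
        fwd, rev = (src, sp, dst, dp), (dst, dp, src, sp)
        if flags & SYN and not flags & ACK:        # client opens, or retries
            c = conns.setdefault(fwd, {"syn": ts, "syn_count": 0,
                                       "synack": None, "req": None, "resp": None})
            c["syn_count"] += 1
        elif flags & SYN and flags & ACK and rev in conns:
            if conns[rev]["synack"] is None:
                conns[rev]["synack"] = ts          # first SYN/ACK seen
        elif length > 0 and fwd in conns and conns[fwd]["req"] is None:
            conns[fwd]["req"] = ts                 # first client payload
        elif length > 0 and rev in conns:
            c = conns[rev]
            if c["req"] is not None and c["resp"] is None:
                c["resp"] = ts                     # first server payload
    for c in conns.values():
        ok = c["handshake_ok"] = c["synack"] is not None
        c["network_ms"] = round((c["synack"] - c["syn"]) * 1000, 1) if ok else None
        done = c["resp"] is not None
        c["app_ms"] = round((c["resp"] - c["req"]) * 1000, 1) if done else None
    return conns

def missing_synack(conns):
    """Connections whose SYN was never answered: the case-study symptom."""
    return sorted(k for k, c in conns.items() if not c["handshake_ok"])

if __name__ == "__main__":
    for key, c in analyze(SAMPLE).items():
        print(key, c["handshake_ok"], c["network_ms"], c["app_ms"], c["syn_count"])
```

A connection with a repeated SYN count and no SYN/ACK points at the path or a filtering device rather than the application, which matches the firewall finding in the case study.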

What is Wireshark?

Wireshark is a freeware tool for network packet analysis; some call it a protocol analyzer, others a packet sniffer.  It runs on Windows, Linux or Unix and you can download Wireshark here.

In a nutshell, Wireshark analyses client-server transactions with particular attention to their speed.  It can monitor any network protocol, and in the hands of an expert you can troubleshoot slow user experience and thus determine if the latency is due to a LAN, WAN or QoS bottleneck.

Because there are so many protocols and potential causes of latency, the skill in using Wireshark is creating filters so that you are not overloaded with data.  SolarWinds Response Time Viewer not only helps greatly in displaying the data captured by Wireshark, but can also create filters for export back to the Wireshark packet capture.

Help From Thwack Forum

SolarWinds have a thriving Thwack support forum.  Once you have registered you can get answers to your questions.  This is one of the best-run forums on the internet; join the geeks at SolarWinds Wireshark forum here.

Additional Resources for Network Monitoring

If you are looking for an altogether more in-depth analysis of your network, then consider Network Performance Monitor (NPM).   With SolarWinds NPM you can trawl your complete network environment, and examine data for all the computer equipment that it has found.  SolarWinds designed NPM to find all the devices supplied by leading hardware vendors.

By choosing SolarWinds NPM you can avoid mistakes such as blaming the network for latency problems, when it's really an application on a server that is the underlying cause.  See more on SolarWinds NPM.

Review Summary of SolarWinds Response Time Viewer for Wireshark

This SolarWinds freeware utility is ideal for troubleshooting network connection and latency problems.  Remember that before you can use the Response Time Dashboard you need to export network packets captured by Wireshark.  When you inspect the data in the dashboard, if you hover over an application such as Teredo or TCP, then you get an orange box showing a breakdown of network and application response times.

