NETMON Input Format Fields
The structure of the input records generated by the NETMON input format depends on the value specified for the fMode parameter.
TCPIP Mode
When the fMode parameter is set to "TCPIP", the NETMON input format returns an input record for each TCP/IP packet found in the capture file.In this mode, input records contain the following fields:
| Name | Type | Description |
|---|---|---|
| CaptureFilename | STRING | The full path of the capture file containing this packet |
| Frame | INTEGER | The frame number containing this packet |
| DateTime | TIMESTAMP | Date and time at which the packet was sent |
| FrameBytes | INTEGER | Total number of bytes in the frame |
| SrcMAC | STRING | MAC address of the sender of this packet |
| SrcIP | STRING | IP address of the sender of this packet |
| SrcPort | INTEGER | TCP port number of the sender of this packet |
| DstMAC | STRING | MAC address of the destination of this packet |
| DstIP | STRING | IP address of the destination of this packet |
| DstPort | INTEGER | TCP port number of the destination of this packet |
| IPVersion | INTEGER | IP version of this packet |
| TTL | INTEGER | Time-To-Live field of the IP header of this packet |
| TCPFlags | STRING | TCP flags field of the TCP header of this packet |
| Seq | INTEGER | TCP sequence number of this packet |
| Ack | INTEGER | TCP acknowledge number of this packet |
| WindowSize | INTEGER | Window size field of the TCP header of this packet |
| PayloadBytes | INTEGER | Number of bytes in the TCP payload of this packet |
| Payload | STRING | TCP payload of this packet |
| Connection | INTEGER | Unique identifier of the TCP connection to which this packet belongs |
TCPConn Mode
When the fMode parameter is set to "TCPConn", the NETMON input format returns an input record for each TCP connection found in the capture file.In this mode, input records contain the following fields:
| Name | Type | Description |
|---|---|---|
| CaptureFilename | STRING | The full path of the capture file containing this connection |
| StartFrame | INTEGER | Frame number containing the first packet of this connection |
| EndFrame | INTEGER | Frame number containing the last packet of this connection |
| Frames | INTEGER | Total number of frames containing packets belonging to this connection |
| DateTime | TIMESTAMP | Date and time of at which the first packet of this connection was sent |
| TimeTaken | INTEGER | Total number of milliseconds elapsed since the first packet of this connection to the last packet |
| SrcMAC | STRING | MAC address of the initiator of this connection |
| SrcIP | STRING | IP address of the initiator of this connection |
| SrcPort | INTEGER | TCP port number of the initiator of this connection |
| SrcPayloadBytes | INTEGER | Total number of bytes in the reconstructed TCP payload sent by the initiator of this connection |
| SrcPayload | STRING | Reconstructed TCP payload sent by the initiator of this connection |
| DstMAC | STRING | MAC address of the receiver of this connection |
| DstIP | STRING | IP address of the receiver of this connection |
| DstPort | INTEGER | TCP port number of the receiver of this connection |
| DstPayloadBytes | INTEGER | Total number of bytes in the reconstructed TCP payload sent by the receiver of this connection |
| DstPayload | STRING | Reconstructed TCP payload sent by the receiver of this connection |