Documentation
OmnipeekOmnipeek User GuideDownload PDF
Post-capture Analysis : Label selected packets
Label selected packets
For packets displayed in the Packets view of an Omnipeek capture window, you can right-click one or more packets and select from the context menus to add, select, or clear colored labels (Red, Orange, Yellow, Green, Blue, Purple and Gray) to or from the packets. The colored label appears as a colored highlight across the entire row of the packet. When a row has a colored label applied to it, and the row is currently selected, a colored globe the same color as the colored highlight appears to the left of the packet number.
Adding colored labels to packets lets you visually group those packets inside the Packets view so that they are easy to identify. For example, you can select all the TCP packets with a SYN flag and add the same colored label to them. This will let you easily identify the start of a flow since a flow always starts with a TCP packet that has the SYN flag.
TIP: When used in combination with the ‘Select Related’ feature, the ‘Label’ packets feature lets you easily drill down into the packets that are of most interest to you in analyzing. See Selecting related packets.
To add a label to packets:
1. Select the Packets view of an Omnipeek capture window.
2. Right-click one or more packets you wish to label, and on the context menu, point to Label Selected Packets, and then click the desired label color to apply to the selected packets. Selecting ‘None’ from this menu removes any colored label applied to the selected packets. Selecting a color from this menu applies that color label across the entire row of the selected packets.
To select labeled packets:
1. Select the Packets view of an Omnipeek capture window.
2. Right-click one or more packets that are labeled with the color you wish to select, and on the context menu, point to Select Labeled Packets, and then click the desired label color. Selecting ‘All’ from this menu selects all packets that have a colored label applied to them. Selecting a color from this menu selects only the packets labeled with that color.
To clear a label from packets:
1. Select the Packets view of an Omnipeek capture window.
2. Right-click one or more packets, and on the context menu, point to Clear Labels, and then click the desired label color. Selecting ‘All’ from this menu removes the colored label from all packets that have a colored label applied to them. Selecting a color from this menu clears the colored label from only the packets labeled with that color.