PI PacketCapture
From SCADApedia
General
Many vendors of routers and switches provide NetFlow, sFlow or IPFIX data. This data is sent to a collection point where and administrator can view information about the network. The following information is typically collected: Source Address, Source Port, Source MAC, Destination Address, Destination Port, Destination MAC, IP Protocol, Number of bytes.
Some routers and switches do not provide NetFlow, sFlow or IPFIX information. OSIsoft created an application named PacketCapture that converts any IP traffic it can monitor to a subset of Cisco's NetFlow protocol. This information is then sent to the PI IP Flow Interface.
The PacketCapture application must be able to monitor the traffic on the network. Some switches have a monitor or analyzer port, typically enabled in the switches software, that allows traffic to be monitored easily. Other methods for monitoring network traffic include hubs, fiber taps and copper taps.
Once the PacketCapture application is able to network traffic, the application converts the traffic to a format the IP Flow interface can understand. This information can then be sent to the PI server for further analysis.
