Comprehensive Network Traffic Monitoring: Solving Bandwidth Overloads with Advanced Tools

The bandwidth is only 1Mbps, and generally it’s not used much. I set up a small forum to record some study notes, with only a few visitors, but sometimes the bandwidth gets maxed out, and I don’t know what requests are causing the traffic overload. How can I record traffic data over a period?

Run NetworkTrafficView to monitor traffic conditions.

[Figure: Network traffic monitoring]

The software is small and reports a comprehensive set of fields. You can sort by any column; for example, I sorted by Status and Total Data Size, as shown in the figure above.

The specific port, IP, data volume, and speed are clearly visible. To stop monitoring, click the stop button at the upper left.

You can set an option to automatically export network traffic information to a file (csv / tab-delimited / html / xml) every xx seconds in the “Advanced Options” window, which makes reconciling traffic easier.

Software menu Options → Advanced Options

[Figure: Network traffic monitoring]

As shown in the figure, set the export file to an absolute path, with one file every 30 seconds as selected in the image. Eventually, there will be many small files. Put these csv files into one folder and execute a command to merge them into a single csv.

copy C:\Users\HASEE\Downloads\networktrafficview-x64\*.csv C:\all.csv

After merging into a single csv, open it with Excel. First, delete duplicate rows, then you can filter and analyze by IP, protocol, port, and time period.
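The merge, de-duplicate and filter steps above can also be scripted instead of done in Excel. The following is an added example, not part of the original post or of NetworkTrafficView; the column names, the "1,234 Bytes" size format and the treatment of counters as cumulative across snapshots are assumptions to check against your own export.

```python
import csv, io, re
from collections import defaultdict

# Column names are assumptions; match them to the header line of your export.
SRC, DST, PROTO, DPORT, SIZE = ("Source Address", "Destination Address",
                                "IP Protocol", "Destination Port", "Total Data Size")

def load_rows(texts):
    """Merge CSV texts; drop repeated header lines and exact duplicate rows."""
    seen, rows = set(), []
    for text in texts:
        for row in csv.DictReader(io.StringIO(text)):
            key = tuple(map(str, row.values()))
            # Skip short/garbage lines, headers repeated by `copy`, and duplicates.
            if row[SIZE] in (None, SIZE) or key in seen:
                continue
            seen.add(key)
            rows.append(row)
    return rows

def to_bytes(value):
    """'1,234 Bytes' -> 1234 (assumes sizes are exported as plain byte counts)."""
    digits = re.sub(r"\D", "", value or "")
    return int(digits) if digits else 0

def top_flows(rows, cumulative=True):
    """Bytes per (source, destination, protocol, destination port), largest first.
    cumulative=True assumes a flow reappears in later snapshots with a growing
    counter, so its largest value is kept; False adds up every row instead."""
    totals = defaultdict(int)
    for r in rows:
        key, size = (r[SRC], r[DST], r[PROTO], r[DPORT]), to_bytes(r[SIZE])
        totals[key] = max(totals[key], size) if cumulative else totals[key] + size
    return sorted(totals.items(), key=lambda kv: kv[1], reverse=True)

# Constructed sample: two merged snapshots (header repeats), documentation IP ranges.
HEADER = ",".join((SRC, DST, PROTO, DPORT, SIZE))
SAMPLE = f"""{HEADER}
203.0.113.9,192.0.2.10,TCP,80,"40,000 Bytes"
198.51.100.7,192.0.2.10,TCP,443,"1,200 Bytes"
{HEADER}
203.0.113.9,192.0.2.10,TCP,80,"95,000 Bytes"
198.51.100.7,192.0.2.10,TCP,443,"1,200 Bytes"
"""

if __name__ == "__main__":
    for flow, size in top_flows(load_rows([SAMPLE])):
        print(f"{size:>10}  {' -> '.join(flow[:2])}  {flow[2]}/{flow[3]}")
```

To run it on real data, pass the text of the merged C:\all.csv (or of each exported file) to load_rows in place of SAMPLE. If the export has no header line, the column names have to be supplied to csv.DictReader by hand.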

Note: This software relies on WinPcap to capture traffic.

However, some installations with Tencent WinAgent report errors when installing WinPcap because Tencent WinAgent comes with WinPcap, making it impossible to install it separately.

[Tencent WinAgent Service]

C:\Program Files (x86)\WinAgent\

service name: winagent

display name: Tencent WinAgent

WinPcap 4.1.3: the last official WinPcap release is 4.1.3 (the last version on the official site).

WinPcap 4.1.3 can be used on Win7/Win8.1/Win10/2016/2019/2012R2/2008R2.

For Wireshark, version 2.6.20 is recommended (the last Wireshark version with WinPcap; newer versions of Wireshark use Npcap).

Full version Wireshark official download link: https://2.na.dl.wireshark.org/win64/all-versions/

Open the page and search for "2.6." to find the last 2.6 release; the last 2.6.x version was previously 2.6.19, but it was recently updated to 2.6.20.

This method was verified on four types of Windows safe images (2008R2/2012R2/2016/2019), and it can resolve the interference caused by Onion installation of WinPcap.

Run these three commands in the command line as an administrator, then install WinPcap, and NetworkTrafficView can use WinPcap to capture traffic.

sc stop winagent

cd c:\windows\system32\drivers\

ren npf.sys npf.sys.bak

Then run the WinPcap installation file as an administrator to successfully install it. After installing WinPcap, you can use NetworkTrafficView.