【Hinemos6.1】Introduction to the Packet Capture Monitor

This article introduces the Packet Capture Monitor, a new monitoring feature introduced in Hinemos ver.6.1.


①Hinemos Agent must be installed and running on the target node
②libpcap/WinPcap must be installed

<The Process Flow of Packet Capture Monitor>
①Hinemos Agent captures the packets sent and received on the network card
②When the specified number of packets has been captured, they are written out as a dump file (*1)
③The output dump file is then monitored

*1 The number of packets and the output directory of the dump file are determined by the Hinemos Agent configuration

The collected network packets can be accumulated in the internal database, and these data can be analyzed using tools such as Wireshark.

By collecting and monitoring network packets, Hinemos can detect that a specified amount of data has been transferred between certain addresses.

Send an alert when the amount of data transferred between Name:os1-var6-1) and has reached a specific value.

・Filter (specifies the target range of packets using a BPF rule): host
・Judgment (searches for a specific keyword in the collected packets): .* → Critical


Transfer data between and

Hinemos has detected the dump file including the packet transferred between and output from Hinemos Agent.


By changing the filter setting, you can choose which range of packets is retrieved.
You can also customize the judgment setting to let Hinemos notify you when a specified character string is included in the retrieved packet.
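
The following Python example, added here and not part of Hinemos or the original article, reproduces the filter-then-judge flow on a dump file: it parses a classic pcap file, keeps only packets to or from one host (the effect of a BPF `host` filter), and applies a regex judgment to each remaining packet. The function names, the sample addresses and the choice to match the regex against the raw packet bytes are assumptions made for illustration.

```python
import re
import socket
import struct

def build_pcap(packets):
    """Build a classic little-endian pcap dump (constructed sample data)."""
    out = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)  # linktype 1 = Ethernet
    for src, dst, payload in packets:
        ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload), 0, 0, 64, 6, 0,
                         socket.inet_aton(src), socket.inet_aton(dst))
        frame = b"\x00" * 12 + b"\x08\x00" + ip + payload  # Ethernet header + IPv4
        out += struct.pack("<IIII", 0, 0, len(frame), len(frame)) + frame
    return out

def read_pcap(dump):
    """Yield (src_ip, dst_ip, frame_bytes) for each IPv4-over-Ethernet record."""
    magic, = struct.unpack_from("<I", dump, 0)
    if magic != 0xA1B2C3D4:
        raise ValueError("not a little-endian classic pcap file")
    off = 24  # size of the pcap global header
    while off + 16 <= len(dump):
        _, _, incl_len, _ = struct.unpack_from("<IIII", dump, off)
        frame = dump[off + 16: off + 16 + incl_len]
        off += 16 + incl_len
        if len(frame) < 34 or frame[12:14] != b"\x08\x00":
            continue  # skip truncated or non-IPv4 frames
        yield socket.inet_ntoa(frame[26:30]), socket.inet_ntoa(frame[30:34]), frame

def monitor(dump, host, pattern, priority="Critical"):
    """Keep packets to/from `host`, then judge each one with a regex.
    Assumption: the judgment is modelled as a regex over the raw packet bytes."""
    regex = re.compile(pattern, re.DOTALL)
    matched_bytes, alerts = 0, []
    for src, dst, frame in read_pcap(dump):
        if host not in (src, dst):
            continue  # outside the filter, like a BPF "host" rule
        matched_bytes += len(frame)
        if regex.search(frame.decode("latin-1")):
            alerts.append((priority, src, dst, len(frame)))
    return matched_bytes, alerts

# Constructed sample traffic using documentation addresses (RFC 5737).
SAMPLE = build_pcap([
    ("192.0.2.10", "192.0.2.20", b"GET /index.html"),
    ("192.0.2.30", "192.0.2.40", b"unrelated"),
    ("192.0.2.20", "192.0.2.10", b"password=secret"),
])
```

With the pattern `.*` every packet that passes the filter raises an alert, which is why the filter, not the judgment, decides what is reported in the configuration shown earlier.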

That’s it for the introduction to the Packet Capture Monitor.


Thank you for reading!


