Mostly a lurker as I only recently landed my first job with a NOC recently - I'm a "network analyst" not an admin or engineer if that matters.
Something I thought I might be doing often would be looking at pcaps and the like. Most if not all the time I have not needed to do this - generally boils down to layer 1-3 issues a physical issue or config issue. I find myself being at the level 1 support analyst never doing it. Pretty much it gets fixed without a packet capture or goes to a higher level analyst/team which I never see again as more tickets and calls come in.
I ask in part because where I work they use netscout and observer. Along with wireshark.
I am just left scratching my head a bit wondering if capturing and analyzing packets is more a niche skill then? Is learning how to read deeply into a pcap worthwhile or should I put my time and effort into say the CCNP or scripting for example?
Personally I think its freakin cool, one of my favorite things in packet tracer was turning on the option to see how packets were being sent over network - seeing DHCP, STP, ARP, and all these packets just working over (or not working lol) the network its crazy to think about.
No comments:
Post a Comment