Mate

MATE: Meta Analysis and Tracing Engine

What is MATE? Well, to keep it very short, with MATE you can create user configurable extension(s) of the display filter engine.

MATE's goal is to enable users to filter frames based on information extracted from related frames or information on how frames relate to each other. MATE was written to help troubleshooting gateways and other systems where a "use" involves more protocols. However MATE can be used as well to analyze other issues regarding a interaction between packets like response times, incompleteness of transactions, presence/absence of certain attributes in a group of PDUs and more.

MATE is an wireshark plugin that allows the user to specify how different frames are related to each other. To do so, MATE extracts data from the frames's tree and then, using that information, tries to group the frames based on how MATE is configured. Once the PDUs are related MATE will create a "protocol" tree with fields the user can filter with. The fields will be almost the same for all the related frames, so one can filter a complete session spanning several frames containing more protocols based on an attribute appearing in some related frame. Other than that MATE allows to filter frames based on response times, number of pdus in a group and a lot more.

So far MATE has been used to:

You will find more information at the following pages:


Imported from https://wiki.wireshark.org/Mate on 2020-08-11 23:16:29 UTC