CloudShark Support

CloudShark 1.9

Release History

Release Type Release Number Release Date
Original CloudShark 1.9 build 1507 July 24, 2013
Maintenance Release 1 CloudShark 1.9 build 1528 July 30, 2013
Maintenance Release 2 CloudShark 1.9 build 1556 August 23, 2013
Maintenance Release 3 CloudShark 1.9 build 1588 September 18, 2013

Original release: CloudShark 1.9 build 1507 July 24, 2013


Important!

Before upgrading from CloudShark 1.8 to 1.9, you must first run the following command:

yum erase cloudshark-tools


There was an issue with the previous version of tools that would prevent the upgrade to 1.9 from succeeding. This will fix it forever. This step is not required if you are upgrading to CloudShark 1.9 from release 1.7 or earlier.

New Features and Highlights

CloudShark 1.9 is a really exciting release for us. From the beginning we have always wanted to support the playback of audio streams contained within packet captures. Now we can!

CloudShark currently supports playback of three audio codecs:

  • G.711
  • G.729
  • GSM

Audio files can be downloaded in a variety of formats as well as be played back right within your web browser. For the best audio experience, we recommend using the latest version of Chrome.

RTP Stream Analysis and Playback

CloudShark 1.9 now includes a new RTP Streams analysis tool with individual RTP stream statistics, analysis, and a playback feature. Visit the RTP Stream Analysis Tool section in the CloudShark User Guide to learn more about this new feature. Find it in the Analysis Tools menu!

You can also check out a sample RTP CloudShark Session on cloudshark.org.

VoIP Call Playback

In addition to playing back single RTP streams, CloudShark 1.9 is now able to take a VoIP Call Flow that has been captured along with the RTP packets and combine the streams in to a playable conversation between parties.

Please see then VoIP Call Analysis Tool page for more details on this new feature.

Upgraded to tshark 1.10

CloudShark is now running tshark 1.10 behind the scenes. There are many new additions that make this a great release including improved default colorization rules and lots of new protocols.

Improvements to the main packet view

Several improvements have been made to the main packet view inside CloudShark.

Resizable panes

The main packet analysis view inside CloudShark now lets you resize the individual panes so you can focus on the data you are looking at the most.

Up/Down buttons

Use the up and down arrows on your keyboard to move between subsequent packets in the main analysis view.

Expand Protocol Subtrees

Some protocols just use a lot of layers to display! You can now expand all the layers of a main protocol by holding down the Alt (Option on the Mac) key and clicking the protocol. If your Alt+click does not expand your protocol, try Alt+Shift+click or check your keyboard settings.

Support for Wireshark style display filter macros

It is now possible to create display filter macros and make these available system wide for all your CloudShark users.

Find all the annotations in a file

If you have a capture file with a lot of annotations in it, sometimes it can be hard to find them all by scrolling up and down the file. You can now click on the Info button, visit the “Comments” tab and in addition to seeing all of the per-packet annotations, you can apply a display filter to just show you all packets with annotations, or zoom in on an individual one.

Support for Wireshark style display filter macros

It is now possible to create display filter macros and make these available system wide for all your CloudShark users. You can even import your existing Wireshark display filter macros right into CloudShark. The macros can be used any place a display filter is accepted include the packet viewer and graph analysis tool. Learn more by visiting CloudShark Display Filter Macros.

Administrator Messages

If you would like to configure a message to be put at the top of every page in CloudShark, maybe to inform users of expected downtime, or upgrades, or policy changes, you can configure it in the Setting area.


Bug Fixes and Notes

Several smaller changes have been made to improve features and fix bugs. If you’re curious about the details of any of these, please contact support@cloudshark.org.

  • Prevented potential XSS attacks through search and _message parameters.
  • Configuring an auto-import location will verify that the path is writable.
  • Added administrator controls over setting a user’s default upload group.
  • Upgraded to new color scheme and style on all graphs.
  • Resolved an issue where using a Display Filter Macro would break in a graph without applying a series label.
  • You may now export a graph as an image/PDF without having to save that graph first.
  • Graph series labels now correctly display the ‘ (single quote) character.
  • Graph series labels are able to contain punctuation.
  • Added the CloudShark logo as a watermark for all graphs
  • Improved graph legend layout so longer names don’t overlap with the titles as much.
  • Improved colorization of SIP Call Flows with more than 10 different calls.
  • Resolved dependency issue with the cloudshark-tools package so upgrades work as expected in the future.

Maintenance Release #1: CloudShark 1.9 build 1528 July 30, 2013

  • Prevented potential XSS attack through the search parameters

Maintenance Release #2: CloudShark 1.9 build 1556 August 23th, 2013

  • Upgraded cloudshark-tools package to use tshark version 1.10.1
  • Added ability to rename files from the Info dialog box
  • Fixed issue with annotations not appearing correctly on graphs
  • Fixed an issue navigating amongst multiple graphs when viewed in a dialog box.

Maintenance Release #3: CloudShark 1.9 build 1588 September 18th, 2013

This maintenance release of CloudShark 1.9 also introduces support for CloudShark Solo licenses. CloudShark Solo is for individuals and does not have multi-user capabilities.

  • Upgraded cloudshark-tools package to include tshark version 1.10.2
  • Fixed usage of a deprecated tshark “-R” flag in the HTTP analysis module
  • Cleaned up some spelling mistakes
  • Fixed the date-selection widget on the Admin/Activity page.
  • Activity page now defaults to viewing activity from “today” rather than forever.
  • Greatly improved error detection and reporting during CloudShark startup.
  • Added the current system time to the Admin/System Info page.

About CloudShark

CloudShark is made by QA Cafe, a technology company based in Portsmouth, NH. Our passion for packet captures has grown out of our other product CDRouter.

Get in touch via our Contact us page or by following us on your favorite service: