How to modify the time display in Cisco IOS and Wireshark

Home > Blogs > Cisco > How to modify the time display in Cisco IOS and Wireshark

How to modify the time display in Cisco IOS and Wireshark

Like This Blog 0 Mark Jacob
Added by November 16, 2015

As a busy network admin, you have likely peered deeply into the data flowing throughout your network in order to locate the cause of problems. I just wanted to post a quick blog that I find useful in correlating the information from my debug outputs on my Cisco devices with packet captures performed using Wireshark.

For instructor-led training, see our Cisco Training Schedule and our Wireshark class.

On a Cisco IOS device, the timestamps can be modified to your liking with the service timestamps option. If you are not familiar with it, feel free to type service timestamps ? to investigate further. The gist is you can set the timestamps for both your log messages and your debug output. When you want to correlate the capture in Wireshark with the information contained in a debug output, here is a sweet tweak you can make in Wireshark.

001-modify-time-display-in-Cisco-IOS-and-Wireshark

For comparison, figure 1 shows how the Wireshark output appears with default settings:

To modify how the time appears, click the View menu option, then Time Display Format. I show it in figure 2:

002-Time-Display-Format-modify-time-display-in-Cisco-IOS-and-Wireshark

You see all the choices at your disposal here. If I have set the time zone on my Cisco device, then I can match that choice as shown.  What I like to do is set the display to Nanoseconds together with Date and Time of Day. I show the results of that selection in figure 3:

003-Time-Display-Format-modify-time-display-in-Cisco-IOS-and-Wireshark

Once again, I like to make the timestamp output match when I am troubleshooting because it makes it so much easier to correlate data from multiple sources. If this reduces the time spent for even one reader then it will be worth it. Unless you get paid by the hour.

If you have any comments or suggestions, please feel free to post them.

Until next time….

Mark Jacob
Cisco and CompTIA Network + Instructor – Interface Technical Training
Phoenix, AZ

Videos You May Like

An Overview of Office 365 – Administration Portal and Admin Center

0 841 3

This is part 1 of our 5-part Office 365 free training course. In this Office 365 training video, instructor Spike Xavier introduces some of the most popular services found in Microsoft Office 365 including the Admin Portal and Admin Center. For instructor-led Office 365 training classes, see our course schedule: Spike Xavier SharePoint Instructor – … Continue reading An Overview of Office 365 – Administration Portal and Admin Center

Creating Users and Managing Passwords in Microsoft Office 365

0 642 3

In this Office 365 training video, instructor Spike Xavier demonstrates how to create users and manage passwords in Office 365.   For instructor-led Office 365 training classes, see our course schedulle: Spike Xavier SharePoint Instructor – Interface Technical Training Phoenix, AZ 20347: Enabling and Managing Office 365    

Detailed Forensic Investigation of Malware Infections – April 21, 2015

4 599 5

How does an investigator hunt down and identify unknown malware? In this recording of our IT Security training webinar on April 21, 2015, Security expert Mike Danseglio (CISSP / CEH) performed several malware investigations on infected computers and identify symptoms, find root cause, and follow the leads to determine what’s happening. He demonstrated his preferred … Continue reading Detailed Forensic Investigation of Malware Infections – April 21, 2015

Write a Comment

Share your thoughts...

Please fill out the comment form below to post a reply.