examples
Examples — PacketPilot Config + Analyze
These examples show complete end-to-end workflows combining Config and Analyze.
Example 1: Bring Up a New Switch, Then Analyze the Capture
Goal: Bootstrap a new Cisco switch using Config's console wizard, then upload a config capture to Analyze for a baseline health check.
Equipment needed:
- Cisco switch (IOS-based)
- USB-to-serial console cable
- Windows PC with Config installed
- Analyze stack running
Step 1: Connect via Serial Console
- Connect the USB-to-serial cable from your PC to the switch console port
- In Config, open the Console tab
- Select the COM port (check Device Manager if unsure)
- Select the Cisco vendor profile
- Click Connect
- Press Enter — you should see the switch
switch:prompt or login prompt
Step 2: Run the Cisco Bootstrap Wizard
With the console connected and the Cisco profile active, click Bootstrap.
Follow each step. Example values:
| Setting | Value |
|---------|-------|
| Hostname | SW-LAB-01 |
| Management VLAN | 1 |
| IP Address | 192.168.1.10 |
| Subnet Mask | 255.255.255.0 |
| Default Gateway | 192.168.1.1 |
| Enable Secret | LabSecret! |
| SSH | Enable |
| SSH RSA Key Bits | 2048 |
Click Preview to review the generated commands before applying. When ready, click Apply.
Step 3: Verify SSH Access
After bootstrap completes:
- Disconnect the console cable (or keep it connected)
- In Config, open the Inventory tab
- Click Add Device
- Enter:
- IP:
192.168.1.10 - Vendor: Cisco
- Username:
admin(or whatever you configured) - Password: your bootstrap password
- IP:
- Click Save — Config tests the connection
Step 4: Capture Config and Export to Analyze
- Double-click the device to open an SSH session
- Run the following commands to capture relevant config:
show running-config
show interfaces status
show vlan brief
show spanning-tree
- Right-click the session → Export → JSON
- Save the file as
SW-LAB-01-baseline.json
Step 5: Analyze in Analyze
- Open the Analyze web UI at
http://localhost:3000 - Click New Case
- Name:
SW-LAB-01 Baseline - Tags:
baseline,new-switch - Click Create
- Click Upload Artifact → select
SW-LAB-01-baseline.json - Click Analyze
Findings appear. Review the AI summary for a plain-English assessment of the switch's baseline configuration health.
Example 2: SSH Audit of an Existing Device, Export Findings
Goal: Use Config to audit an existing network device over SSH, identify configuration issues, and export findings to Analyze for a formal report.
Equipment needed:
- An existing switch or router with SSH access
- Config installed on a Windows PC on the same network
- Analyze stack running
Step 1: Add the Device in Config
- Open Config → Inventory tab
- Click Add Device
- Enter:
- IP: the device's management IP (e.g.
10.0.1.1) - Vendor: select the correct vendor (or Auto-detect)
- Username and password
- IP: the device's management IP (e.g.
- Click Save
Step 2: Run an Audit via Bulk Operations
- In the inventory, click the device to select it
- Click Bulk Operations in the toolbar
- Enter these commands one at a time (or paste them as a sequence):
show running-config | include ^interface|^ snmp-server|^ access-list|^ spanning-tree
show version
show interfaces status
show cdp neighbors
show mac address-table
- Review the output — look for:
- Plaintext SNMP community strings
- Open or misconfigured access-lists
- spanning-tree portfast misconfigurations
- Missing loop-protect on access ports
Step 3: Export Findings to Analyze
- Right-click the device → Export Findings
- Choose JSON format
- Save the file
- Open Analyze → open or create a case
- Upload the JSON file as an artifact
- Click Analyze
Review findings and the AI summary. Export a PDF report for your ticketing system or incident log.
Example 3: Analyze a Suspicious PCAP
Goal: Investigate a network performance issue using a pcap captured on a span port.
Equipment needed:
- A pcap file from a span port or packet sniffer (Wireshark, tcpdump)
- Analyze stack running
Step 1: Create a Case
- Open
http://localhost:3000 - Click New Case
- Name:
Performance-Issue-2025-05-10 - Tags:
performance,investigation - Create
Step 2: Upload the PCAP
- Click Upload Artifact
- Drag
capture.pcaponto the upload area - Wait for upload to complete
Step 3: Analyze
Click Analyze. Wait 10–30 seconds.
Step 4: Review Findings
In the Findings tab, you might see:
CRITICAL— SQL injection attempt detected in HTTP POST payloadHIGH— Large number of DNS queries to an unusual external serverMEDIUM— TLS certificate mismatch on internal application endpoint
Click each finding to see the evidence (the specific packet that triggered it).
Step 5: Read AI Summary
The AI Summary tab explains the most likely root cause of the performance issue based on the highest-severity findings.
Step 6: Export PDF
Click Export PDF → attach to your incident report or ticketing system.
Example 4: Config + Analyze for a VLAN Hopping Investigation
Goal: A user reports intermittent connectivity issues. Use Config to capture spanning-tree output, then Analyze to check for VLAN hopping indicators.
Step 1: Capture via Config SSH
- Add the suspect switch in Config
- Open an SSH session
- Run:
show spanning-tree
show interfaces trunk
show vlan
show etherchannel summary
- Right-click session → Export → JSON
Step 2: Analyze the Export
- In Analyze, create a new case:
VLAN-Hop-Investigation - Upload the JSON export from Config
- Click Analyze
Look for findings related to:
- Spanning-tree inconsistencies
- Trunk misconfigurations
- Native VLAN mismatches
Step 3: Generate Report
Export the PDF and share with your network engineering team for follow-up.