Computing devices are often coupled to a network that provides connectivity and various services to the computing devices. Problems with the network may be monitored and resolved by network administrators using outputs generated by traditional analytics and diagnostic tools.
Software-defined networking (SDN) has become more prevalent for configuring, provisioning, and modifying networks, as SDN reduces the time needed to administer a network. In particular, SDN may be used to configure a logical network that can be more easily administered. However, problems in such a logical network may be more difficult to monitor and resolve.
Typical packet capture tools used to identify sources of problems in a physical network may not be sufficient for quickly addressing problems in a logical network and may be resource intensive. For example, packet capture tools allow packets communicated in a network to be captured by an administrator and analyzed to help identify problems in the network. Capturing all the packets in the network may not be feasible due to resource constraints. Accordingly, some packet capture tools may filter the packets captured based on Internet protocol (IP) addresses associated with the packets.
However, even such filtering may still be insufficient in a network. For example, the distributed nature of a logical network may make it difficult to identify where in the network to implement packet capture for a problem with a particular application or a particular computing device. For example, if a particular user is having a problem with a particular application accessing the logical network, a system administrator may first need to identify each instance of the application running on the logical network, the logical switches the application is connected to, on what physical machines those logical switches reside, and only then be able to start the appropriate packet capture.