Here’s something to think about if you want to do your own analysis of an IBM i communications trace (comm trace) using the open-source Wireshark packet analyzer.
By default, an IBM i comm trace outputs to a printer file, which is not readable by Wireshark. But if you’ve opened a ticket with IBM to do comm trace analysis, you can ask IBM to convert the comm trace printout into Wireshark format. Once it is converted, you just download it from a link IBM will provide.
We just finished a ticket with IBM to set up a comm trace. We put a Wireshark trace on a PC client and started a corresponding comm trace on our IBM i. When finished, we sent both traces to IBM for analysis. After analysis, IBM converted the IBM i trace to Wireshark format, and we downloaded it and gave it to our network team for further analysis.
So keep this in mind the next time you need to look at network traffic coming from an IBM i partition. With IBM’s help, you can get the trace data in an open-source format your Intel- and Cisco-centric team can deal with.