More Capsa Fun

I got a call from a customer that was experiencing high latency on the network.  So much so that they called me to come over and help with finding out what the issue was.  So as I got there, the first thing we did, besides talk about what was going on, was to connect Capsa into the network and try to figure out what was going on.
We first looked at the port where the firewall was connected and didnt see anything unusual.  Then we moved over to a switch uplink port that the customer thought could be the issue.  Sure enough, it was where the issue was.  When we moved our mirrored port over to monitor that uplink, we saw around 53000 pps on Capsa.  And in Capsa, we saw the offending IP address as well.  It took us all of a few minutes to find the problem.
The moral of this story: Its important for the network engineer to have the right tools to do his job.  You wouldnt go to the pistol range with a knife, would you?  You wouldn't want to vacuum your floors with your hands would you?  Same for network troubleshooting.