PANalyzr Troubleshooting

Updated: 1/6/2023

Licensing error message is displayed

The correct license files were not found if the following message is displayed when the PANalyzr software is launched: 

Public Key needed to check the license, please put your .pbk file into the installation directory

To resolve this:

• Copy the provided .pbk and .lic files to the selected PANalyzr software installation folder (the default installation path is C:\Program Files (x86)\Spanalytics\PANalyzr)
• If no .pbk or .lic file is available, contact Spanalytics Technical Support

PANalyzr “hangs” during Rerun Analytics

The Rerun Analytics function can take various amounts of time to run depending on the number of packets captured. It can take a few seconds to a few minutes, during which the GUI will not be responsive to user interaction. Once the function completes, the GUI will become responsive as normal. If this occurs, we recommend waiting several minutes for the function to complete the meta data and graphs in the GUI. This will be improved in future releases.

PANalyzr SDR fails on restart

The SDR does not fully reset after if 1) it is connected to the computer during a restart, 2) and USB 3.0 cable is used to connect the PANalyzr to the computer and 3) the PANalyzr software is launched.
In this scenario, when the PANalyzr software is launched after the computer restart, the LED on the SDR will change to purple and the error message “Error Initializing SDR, please connect/reconnect!” will be displayed in the GUI status window. To resolve this, close the PANalyzr software, detach the PANalyzr hardware, wait 10 seconds, re-attach it to the computer and relaunch PANalyzr.

Command Line Interface Path File

If you use the command line interface path option, the file path must exist prior to using path options or the application will not work as intended. If you run for example ‘PANalyzr.exe Mode=Start Path=C:\Tester\Captures” and the file path C:\Tester\Captures does not exist, PANalyzr will not properly launch.

Wi-Fi error

If npcap is not installed correctly, the following error message is displayed when Wireshark is launched with the option to use the Panda Wi-Fi adapter: 

The capture session could not be initiated on interface '\Device\NPF_{48050cc6-7C69-46BA-9B26-8E75B7403357}'(Generic error).

Please check to make sure you have sufficient permissions, and that you have the proper interface or pipe specified.

To fix this:

• Uninstall Wireshark & npcap (make sure to select npcap for uninstallation during the uninstall process for Wireshark).
• Reinstall Wireshark 3.6.9 and npcap.
• Ensure the following checkboxes are selected during the installation process:

   -Support raw 802.11 traffic (and monitor mode) for wireless adapters

   -Install Npcap in WinPcap API-compatible Mode

Error Initializing SDR

If the following messages are displayed in the status window, detach the PANalyzr hardware, wait 10b seconds then re-attach it to the computer.

Failed Invalid response
Error Initializing SDR, please connect/reconnect!
Failed Connection error
Error Initializing SDR, please connect/reconnect!

802.15.4 Toggle is Disabled

If you launch PANalyzr and have the Q59 dongle attached, but the 802.15.4 toggle switch is disabled, you need to verify that the correct driver installed for the Q59 dongle.

To resolve this:

• Open Device Manager -> Ports (COM & LPT).
• Unplug and re-insert the Q59 dongle to observe which COM device driver is applied to the dongle. If it does not show up as "USB Serial Device (COMX)", it won't be detected and selectable in PANalyzr. Right-click the device in the COM ports list and select Uninstall device from the menu.
• Once the device driver uninstall completes, select the Scan for hardware changes button on the Device Manager menu.

GPS COM Port not detected by the PANalyzr software
A USB GPS receiver with the PANalyzr software needs to be connected to the computer before launching the PANalyzr software. If no COM port is listed in the "Select a COM Port" list, close the PANalyzr software and restart it.

BR/EDR Dissection is not complete.
If the dissection for BR/EDR packets listed in the Packet View does not look complete, apply the profile PANalyzr-BREDR to add columns and refresh the view.

PANalyzr gets stuck / No packets in the Wireshark window
If there are no Bluetooth packets in the Wireshark window, attempt to generate the traffic again.

If packets are still not displayed in the Wireshark window, this could indicate the detection threshold is too high or low.

If the LED on the PANalyzr Protocol Analyzer has changed to a flashing Red color, then perform the
following steps to resolve the issue:

1. Close the PANalyzr software
2. Detach the PANalyzr hardware
3. Re-attach the PANalyzr hardware to the computer
4. Restart the PANalyzr software

Longevity Usage Recommendations

• Launch longevity test using the dumpcap feature
• Disable Windows update and power settings (in accordance with your company IT policy)

Antivirus
Some antivirus software may quarantine the panalyzr_win_gui.exe executable. If this occurs:
1. Restore the panalyzr_win_gui.exe file if it's been quarantined
2. Add the executable to the allowed list of your antivirus software

“Error occurred: tshark: Syntax Error” Message Displayed in brackle status
window
If the following error messages are displayed in the brackle status window, it means the user has tried to
run brackle on files in a folder they don’t have permissions in:

Calling Tshark to create capture file with only btle_rf1 type packets...
Error occurred: tshark: Syntax error.
Unable to process this capture file. See the User Guide for troubleshooting recommendations.
Calling Tshark to create capture file with only btbredr_rf1 type packets...
Error occurred: tshark: Syntax error.
Unable to process this capture file. See the User Guide for troubleshooting recommendations.

To resolve this, move or copy the capture files to a folder the user does have permission (e.g., Documents, Desktop, etc.)

SDR options are disabled (greyed out)
If the BLE, BR/EDR and 802.15.4 SDR options are all disabled (greyed out), this means that the SDR was not detected on startup. Additionally, the message “PANalyzr SDR Not Found!” will be displayed in the status window.

To resolve this, detach and re-attach the PANalyzr SDR to the computer, then restart the PANalyzr software. The options should then be selectable.

Heap error
The following error message is displayed in either an error message dialog or the command line (if the command line option has been used). This indicates a memory issue:
• Exception Unhandled: Unhandled exception at 0x00007FF99E95B049 (ntdll.dll) in PANalyzr.exe 0xC0000374: A heap had been corrupted (parameters: 0x00007FF99E9C27F0)

Solution:
This problem has been fixed in PANalyzr v1.0.0.2 or later. So upgrade to PANalyzr v1.0.0.2 or later to resolve this issue

Configuration system failed to initialize
The following error message is displayed when the Launch button is clicked. This typically occurs when PANalyzr is installed on a machine that had a much older version of PANalyzr installed (so the configuration files don’t match or work together).

Solution:
• Close PANalyzr software.
• Go to the folder :\Users\<username>\AppData\Local\Spanalytics,_LLC .
• Delete all folders in this directory.
• Relaunch PANalyzr software, click the Launch button.
• The error message should no longer be displayed.

Error occurs when Z-Wave packet analysis is enabled
If Python is not installed correctly, you will receive the following error when starting packet analysis with Z-Wave enabled:

To fix:
• Reinstall Python following the procedure as instructed in the PANalyzr setup guide. The installer for Python can be found in your existing PANalyzr install directory.
• It is important to ensure that Python is installed in the main C:\ directory (or whatever your primary OS install disk is named). See below:
• C:\Python39

BR/EDR Packet Dissection is not correct in Wireshark
If it appears that packet dissection is not accurate in Wireshark, look at the Wireshark Packet Details for one of the packets, with the Frame field expanded.

Note the [Protocols in frame:] field.
If the Wireshark plugins are loaded correctly, the field values will include bluetooth:btbredr_rf1:btbb.

If the Wireshark plugins are not loaded correctly, the field values will only include bluetooth:btbredr_rf.
• Confirm the files panalyzr.dll and zwave.dll are located in the C:\Users\<username>\AppData\Roaming\Wireshark\plugins\3.6\epan folder.
• If they are in that folder:
o Confirm you do not also have Wireshark version 4.0.0 installed on your machine. If you do not have Wireshark 4.0 installed:
• See Tier 2 level for help

Wireshark is using too much memory
Wireshark will continuously increase memory usage as long as its running. There is no solution for this, but recommendations can be made:
• If the Wireshark GUI is needed for your use case, consider running on a machine with more memory. A machine with 8GB RAM is the minimum recommended.
• If the Wireshark GUI is not needed for your use case, you can run PANalyzr without launching Wireshark.
o To do this, just uncheck the “Wireshark” checkbox on the main GUI panel.