Wireshark
the world's foremost network protocol analyzer
Wireshark-users: Re: [Wireshark-users] Is it possible to back-up packetcapturesindefined time interval
From: Sake Blok <sake@xxxxxxxxxx>
Date: Thu, 1 May 2008 22:58:56 +0200
On Thu, May 01, 2008 at 04:40:47PM -0400, Chuck Sutherland wrote:
> I use that feature and you will still see out of memory errors! I'm
> still looking for a combination that works well file size wise and
> numbers of files.
Well, wireshark is still statefull, even when using multiple files. That
means that the memory footprint will increase over time. You can use
the utility "dumpcap" which is installed with wireshark to accomplish
what you want.
Have a look at "dumpcap -h" output for all the options, I have used it
like this for months in a row, basically creating a 16GB ringbuffer:
dumpcap -i3 -b files:1024 -b filesize:16384 -w trace.cap
Hope this helps,
Cheers,
Sake
- Follow-Ups:
- Re: [Wireshark-users] Is it possible to back-uppacketcapturesindefined time interval
- From: Barry Constantine
- Re: [Wireshark-users] Is it possible to back-uppacketcapturesindefined time interval
- References:
- Re: [Wireshark-users] Is it possible to back-up packet capturesindefined time interval...
- From: E Rajasekharan-A20741
- [Wireshark-users] Is it possible to back-up packetcapturesindefined time interval
- From: Chuck Sutherland
- Re: [Wireshark-users] Is it possible to back-up packet capturesindefined time interval...
- Prev by Date: [Wireshark-users] Is it possible to back-up packetcapturesindefined time interval
- Next by Date: [Wireshark-users] SSL issue not decoding data
- Previous by thread: [Wireshark-users] Is it possible to back-up packetcapturesindefined time interval
- Next by thread: Re: [Wireshark-users] Is it possible to back-uppacketcapturesindefined time interval
- Index(es):