Huge thanks to our Platinum Members Endace and LiveAction,
and our Silver Member Veeam, for supporting the Wireshark Foundation and project.
Wireshark logo

Wireshark-users: Re: [Wireshark-users] automate capture feature

Date Prev · Date Next · Thread Prev · Thread Next
Date Index · Thread Index · Other Months · All Mailing Lists
From: Martin Visser <martinvisser99@xxxxxxxxx>
Date: Sat, 17 Apr 2010 13:44:48 +1000
While you can do what Tal says, you can do this easily in Wireshark. Before you capture, Capture->Options menu.  Under the Capture File(s) section, enter a File name, example mycapture.pcap and then select the Multiple Files checkbox and only select Next File every 1 minute. You can option specify when you want to stop.

Wireshark then will create a new file every minute called something like mycapture_00001_20100417131441.pcap (where the first set of digits is a serial number and the second is contracted form of the date.

Simple!

Regards, Martin

MartinVisser99@xxxxxxxxx


On Sat, Apr 17, 2010 at 4:14 AM, Tal Bar-Or <tbaror@xxxxxxxxx> wrote: says
Hi,

i would use first Tshark and then use file rotation( file ring buffer) lets say 2 files for 1 min and always query the last file not active.
Next i would phrase (regexp) data needed and write it to xml and send it to central location display it via web console using Flex technology.
Regsrds


On Fri, Apr 16, 2010 at 5:38 PM, sachindeo v chavan <sachin_chavan@xxxxxxxxx> wrote:
Hi all,

I have a query on wireshark. I have version 1.2.7.
How can I repetitively capture network and save the capture at regular interval say every 1 min while the capture is going on?

In other words, save the captured info on the fly? that is, save every 1 min while the capture is going on.

regards
sachin



___________________________________________________________________________
Sent via:    Wireshark-users mailing list <wireshark-users@xxxxxxxxxxxxx>
Archives:    http://www.wireshark.org/lists/wireshark-users
Unsubscribe: https://wireshark.org/mailman/options/wireshark-users
            mailto:wireshark-users-request@xxxxxxxxxxxxx?subject=unsubscribe



--
Tal Bar-or

___________________________________________________________________________
Sent via:    Wireshark-users mailing list <wireshark-users@xxxxxxxxxxxxx>
Archives:    http://www.wireshark.org/lists/wireshark-users
Unsubscribe: https://wireshark.org/mailman/options/wireshark-users
            mailto:wireshark-users-request@xxxxxxxxxxxxx?subject=unsubscribe

Wireshark logo footer

© Wireshark Foundation · Privacy Policy

Facebook·Mastodon·Twitter·YouTube