Wireshark · Wireshark-bugs: [Wireshark-bugs] [Bug 5241] Cannot run tshark under tcp using decode-as format for syslog

Wireshark-bugs: [Wireshark-bugs] [Bug 5241] Cannot run tshark under tcp using decode-as format f

Date: Tue, 21 Sep 2010 19:11:43 -0700 (PDT)

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5241

--- Comment #6 from Michael <mworsham@xxxxxxxxxx> 2010-09-21 19:11:37 PDT ---
(In reply to comment #5)
> (In reply to comment #4)
> > (In reply to comment #3)
> > > (In reply to comment #1)
> > > > Do you have a sample capture to work with?
> > > A real pcap file would be nice.
> > 
> > How do I do that by chance via tshark? (i.e. no X-Windows/GUI installed on
> > console servers)
> using option -w <outfile>

Okay, ran the following: 
On syslog-svr server: 
    ran "tshark -V -d udp.port==514,syslog -w syslog-ng.tshark-dump.pcap"

On syslog-clt server:
    ran "logger daemon" to use as a marker

Uploaded the dump file here: http://www.murpe.com/syslog-ng.tshark-dump.pcap

-- 
Configure bugmail: https://bugs.wireshark.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.

References:
- [Wireshark-bugs] [Bug 5241] New: Cannot run tshark under tcp using decode-as format for syslog
  - From: bugzilla-daemon

Prev by Date: [Wireshark-bugs] [Bug 5245] New: "Same XID" doesn't necessarily mean "ONC RPC retransmission"
Next by Date: [Wireshark-bugs] [Bug 5242] New IPFIX file format support
Previous by thread: [Wireshark-bugs] [Bug 5241] Cannot run tshark under tcp using decode-as format for syslog
Next by thread: [Wireshark-bugs] [Bug 5242] New: New IPFIX file format support
Index(es):
- Date
- Thread