Guy Harris wrote:
> On Jul 9, 2010, at 12:46 PM, Maverick wrote:
>
>
>>I have huge pcap files in Gbs which I want to analyze using wireshark but wireshark is extremely slow and crashes while opening those files. I tried breaking those files into smaller files but thats not very good solution as I have to open up each file and sometime relationship between files gets lost.
>>
>>Is there a decent way to handle huge files in wireshark .
>
>
> For now, the only way is "use a 64-bit version of Wireshark, make sure you have enough disk space/swap space to back up a large virtual address space, and live with the slowness".
Except the 64 bit versions don't decode SNMP, unless someone has come up
with a 64 bit version of libsmi and changed the build recently.
--
There's no point in being grown up if you can't be childish sometimes.
-- Dr. Who
