Wireshark · Wireshark-users: Re: [Wireshark-users] Analyzing many pcap files with tshark

Wireshark-users: Re: [Wireshark-users] Analyzing many pcap files with tshark

From: Maverick <myeaddress@xxxxxxxxx>

Date: Tue, 26 Oct 2010 22:31:58 -0400

Yeah but I have huge file sizes in tens of gbs and merging them first doesn't seem like a good idea so I thought there must be some way to do this analysis on all files.

So how this analysis is usually done? People work on individual files and than use some other tool to collect the results of individual tool may be I can take that approach.

Thanks
MAK

On Tue, Oct 26, 2010 at 5:53 PM, Stephen Fisher <steve@xxxxxxxxxxxxxxxxxx> wrote:

On Tue, Oct 26, 2010 at 07:40:33AM -0700, Maverick wrote:

> Is it possible to give many pcap files to tshark to be processed at
> the same time.

No, but you can use the mergecap program that comes with Wireshark to
combine multiple capture files into one.

___________________________________________________________________________
Sent via: Wireshark-users mailing list <wireshark-users@xxxxxxxxxxxxx>
Archives: http://www.wireshark.org/lists/wireshark-users
Unsubscribe: https://wireshark.org/mailman/options/wireshark-users
mailto:wireshark-users-request@xxxxxxxxxxxxx?subject=unsubscribe

Follow-Ups:
- Re: [Wireshark-users] Analyzing many pcap files with tshark
  - From: Guy Harris

References:
- [Wireshark-users] Analyzing many pcap files with tshark
  - From: Maverick
- Re: [Wireshark-users] Analyzing many pcap files with tshark
  - From: Stephen Fisher

Prev by Date: Re: [Wireshark-users] Analyzing many pcap files with tshark
Next by Date: Re: [Wireshark-users] Analyzing many pcap files with tshark
Previous by thread: Re: [Wireshark-users] Analyzing many pcap files with tshark
Next by thread: Re: [Wireshark-users] Analyzing many pcap files with tshark
Index(es):
- Date
- Thread