Wireshark · Wireshark-users: [Wireshark-users] Apply read filter while writing to file

Wireshark-users: [Wireshark-users] Apply read filter while writing to file

From: Muhammad El-Sergani <msergani@xxxxxxxxx>

Date: Thu, 7 Mar 2013 12:27:07 +0200

Hello all,

After a recent Wireshark update on one of our SIP servers, we are unable to apply a read filter while writing the capture file, but rather have to capture everything to a host, write that to a file then apply our read filters when reading from the file.

This is hard to maintain as our SIP traffic is huge, and just capturing everything is unpractical.

Is there a known/method/practice/script that can be used to allow users to apply a read filter to a trace session while writing the dump to a file?

Everything is Linux based.

Thanks

in advance!

//M

Follow-Ups:
- Re: [Wireshark-users] Apply read filter while writing to file
  - From: Guy Harris
- Re: [Wireshark-users] Apply read filter while writing to file
  - From: Jaap Keuter

Prev by Date: [Wireshark-users] Decoding through wireshark
Next by Date: Re: [Wireshark-users] Decoding through wireshark
Previous by thread: Re: [Wireshark-users] Decoding through wireshark
Next by thread: Re: [Wireshark-users] Apply read filter while writing to file
Index(es):
- Date
- Thread