Wireshark mailing list archives

Re: automate capture feature

From: Martin Visser <martinvisser99 () gmail com>
Date: Sat, 17 Apr 2010 13:44:48 +1000

While you can do what Tal says, you can do this easily in Wireshark. Before
you capture, Capture->Options menu.  Under the Capture File(s) section,
enter a File name, example mycapture.pcap and then select the Multiple Files
checkbox and only select Next File every 1 minute. You can option specify
when you want to stop.

Wireshark then will create a new file every minute called something like
mycapture_00001_20100417131441.pcap (where the first set of digits is a
serial number and the second is contracted form of the date.

Simple!

Regards, Martin

MartinVisser99 () gmail com


On Sat, Apr 17, 2010 at 4:14 AM, Tal Bar-Or <tbaror () gmail com> wrote: says

Hi,

i would use first Tshark and then use file rotation( file ring buffer) lets
say 2 files for 1 min and always query the last file not active.
Next i would phrase (regexp) data needed and write it to xml and send it to
central location display it via web console using Flex technology.
Regsrds


On Fri, Apr 16, 2010 at 5:38 PM, sachindeo v chavan <
sachin_chavan () yahoo com> wrote:

Hi all,

I have a query on wireshark. I have version 1.2.7.
How can I repetitively capture network and save the capture at regular
interval say every 1 min while the capture is going on?

In other words, save the captured info on the fly? that is, save every 1
min while the capture is going on.

regards
sachin




___________________________________________________________________________
Sent via:    Wireshark-users mailing list <wireshark-users () wireshark org>
Archives:    http://www.wireshark.org/lists/wireshark-users
Unsubscribe: https://wireshark.org/mailman/options/wireshark-users
            mailto:wireshark-users-request () wireshark org
?subject=unsubscribe




--
Tal Bar-or

___________________________________________________________________________
Sent via:    Wireshark-users mailing list <wireshark-users () wireshark org>
Archives:    http://www.wireshark.org/lists/wireshark-users
Unsubscribe: https://wireshark.org/mailman/options/wireshark-users
            mailto:wireshark-users-request () wireshark org
?subject=unsubscribe

___________________________________________________________________________
Sent via:    Wireshark-users mailing list <wireshark-users () wireshark org>
Archives:    http://www.wireshark.org/lists/wireshark-users
Unsubscribe: https://wireshark.org/mailman/options/wireshark-users
             mailto:wireshark-users-request () wireshark org?subject=unsubscribe

Current thread:

automate capture feature sachindeo v chavan (Apr 16)
- Re: automate capture feature Tal Bar-Or (Apr 16)
  - Re: automate capture feature Martin Visser (Apr 16)
    - Re: automate capture feature Phil Paradis (Apr 17)