Re: how to start Wireshark automatically at each boot-up?

[Guy Harris <guy () alum mit edu>]

On Jan 15, 2010, at 2:32 AM, Karthik Balaguru wrote:

> Is there a format of logging provided by wireshark that would consume
> very less space ?

There's no form of logging that will just log the *amount* of traffic captured.  There might be tools that will log 
that sort of information; it might, for example, be possible to get ntop:

        http://www.ntop.org/

to log it.

If you really need information about *every* packet on your network, rather than just summary information such as 
"every hour, show me how much traffic went to and from different IP addresses", you could try setting the snapshot 
length with the "-s" flag so that you only capture the IP header; you could also try to capture the TCP or UDP header 
if you want to know what port numbers were being accessed (so you could, for example, distinguish HTTP traffic from 
SMTP/POP/IMAP mail traffic from...).
___________________________________________________________________________
Sent via:    Wireshark-users mailing list <wireshark-users () wireshark org>
Archives:    http://www.wireshark.org/lists/wireshark-users
Unsubscribe: https://wireshark.org/mailman/options/wireshark-users
             mailto:wireshark-users-request () wireshark org?subject=unsubscribe