Wireshark mailing list archives

Re: Monitoring

From: "mike () grounded net" <mike () grounded net>
Date: Wed, 19 May 2010 13:22:49 -0500

Yes, I use a lot of tools, ntop, if top, lot's of tops :). I also use ossim which is incredibly comprehensive but every 
tool has it's use. Sometimes, just watching the packets using wireshark helps plus, I just happen to be at that station 
so end up using it. No big deal but would have been nice if it had a monitor feature which doesn't capture, perhaps 
even has a little selectable delay setting so that things don't go by so quickly.

Mike


On Sun, 16 May 2010 21:55:46 -0400, Kevin Cullimore wrote:

 On 5/16/2010 9:28 PM, mike () grounded net wrote:

 Sometimes, I just want to get a quick view of what's going on so monitor
 for a while but the logging is what seems to use up all of the system
 resources after a while.

 A different tool might provide you with a decent ongoing overview of
 network activity. When customers are interested in this functionality, I
 have them run NTOP, and instruct them to turn up a machine running
 wireshark when they feel the need to drill down to byte/bit-level details.

 On Sat, 15 May 2010 12:16:06 -0700, M Holt wrote:

 Can you just use dumpcap with a ring buffer?  Then stop the capture once
 the event you are looking for is seen:
 
 http://www.wireshark.org/docs/man-pages/dumpcap.html
 
 On Sat, May 15, 2010 at 10:02 AM, mike () grounded net<mike () grounded net>
 wrote:

 Any way of monitoring only, without a capture, until I need to
 capture?
 
 ___________________________________________________________________________
 Sent via:    Wireshark-users mailing list<wireshark-
 users () wireshark org>
 Archives:    http://www.wireshark.org/lists/wireshark-users
 Unsubscribe: https://wireshark.org/mailman/options/wireshark-users
 mailto:wireshark-users-
 request () wireshark org?subject=unsubscribe

 
 
 #avg_ls_inline_popup { position:absolute; z-index:9999; padding: 0px
 0px;
 margin-left: 0px; margin-top: 0px; width: 240px; overflow: hidden; word-
 wrap: break-word; color: black; font-size: 10px; text-align: left; line-
 height: 13px;}

 
 ___________________________________________________________________________
 Sent via:    Wireshark-users mailing list<wireshark-users () wireshark org>
 Archives:    http://www.wireshark.org/lists/wireshark-users
 Unsubscribe: https://wireshark.org/mailman/options/wireshark-users
 mailto:wireshark-users-request () wireshark org?subject=unsubscribe

 
 ___________________________________________________________________________
 Sent via:    Wireshark-users mailing list <wireshark-users () wireshark org>
 Archives:    http://www.wireshark.org/lists/wireshark-users
 Unsubscribe: https://wireshark.org/mailman/options/wireshark-users
 mailto:wireshark-users-request () wireshark org?subject=unsubscribe

___________________________________________________________________________
Sent via:    Wireshark-users mailing list <wireshark-users () wireshark org>
Archives:    http://www.wireshark.org/lists/wireshark-users
Unsubscribe: https://wireshark.org/mailman/options/wireshark-users
             mailto:wireshark-users-request () wireshark org?subject=unsubscribe

Current thread:

Monitoring mike () grounded net (May 15)
- Re: Monitoring M Holt (May 15)
  - Re: Monitoring mike () grounded net (May 16)
    - Re: Monitoring M Holt (May 16)
    - Re: Monitoring mike () grounded net (May 16)
    - Re: Monitoring Kevin Cullimore (May 16)
    - Re: Monitoring mike () grounded net (May 19)
    - Re: Monitoring Kevin Cullimore (May 19)
    - Re: Monitoring mike () grounded net (May 20)
    - Re: Monitoring Jaap Keuter (May 20)
    - Re: Monitoring Kevin Cullimore (May 21)
    - Re: Monitoring Jaap Keuter (May 21)