When I need to do a long-term capture on a Windows client (e.g. to capture an irregularly occurring issue), I use dumpcap and Windows scheduled tasks to perform it.
Trigger: At computer startup

Command: "C:\Program Files\Wireshark\dumpcap.exe"

Arguments: -i "[NAME OF LAN ADAPTER]" -f "[CAPTURE FILTER IF NEEDED]" -w "C:\Temp\%COMPUTERNAME%.pcap" -b filesize:100000 -b files:500
This will run a loop capture with max. 500 files of 100 MB each in size.
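
The same task can be registered from an elevated PowerShell prompt instead of the Task Scheduler GUI. This is an added example, not part of the original answer; the task name, the SYSTEM account and the settings values are assumptions, and the adapter name stays a placeholder to fill in.

```powershell
# Added example: registers the startup capture task described above.
# Assumptions (not from the original answer): task name 'LongTermCapture',
# running as SYSTEM, and the settings chosen below.
$dumpcap = 'C:\Program Files\Wireshark\dumpcap.exe'
$adapter = '[NAME OF LAN ADAPTER]'            # placeholder; list adapters with: & $dumpcap -D
$filter  = ''                                 # optional capture filter; empty means none
$outFile = "C:\Temp\$env:COMPUTERNAME.pcap"   # computer name is expanded at registration time

if (-not (Test-Path $dumpcap)) { throw "dumpcap not found at $dumpcap" }

# Make sure the output folder exists before the first boot-time run.
New-Item -ItemType Directory -Path (Split-Path $outFile) -Force | Out-Null

# Ring buffer from the answer: 500 files, switching file every 100000 kB.
$arguments = "-i `"$adapter`" -w `"$outFile`" -b filesize:100000 -b files:500"
if ($filter) { $arguments += " -f `"$filter`"" }

$action    = New-ScheduledTaskAction -Execute "`"$dumpcap`"" -Argument $arguments
$trigger   = New-ScheduledTaskTrigger -AtStartup
$principal = New-ScheduledTaskPrincipal -UserId 'SYSTEM' -LogonType ServiceAccount -RunLevel Highest

# Task Scheduler stops tasks after 72 hours by default, which would end a
# long-term capture; a zero time limit disables that. The battery switches
# keep the capture running on laptops.
$settings  = New-ScheduledTaskSettingsSet `
    -ExecutionTimeLimit ([TimeSpan]::Zero) `
    -AllowStartIfOnBatteries `
    -DontStopIfGoingOnBatteries `
    -RestartCount 3 -RestartInterval (New-TimeSpan -Minutes 1)

Register-ScheduledTask -TaskName 'LongTermCapture' -Action $action `
    -Trigger $trigger -Principal $principal -Settings $settings
```

`Start-ScheduledTask -TaskName 'LongTermCapture'` starts the capture without a reboot. A full ring buffer holds about 50 GB of raw traffic, so check free space on the target volume and limit read access to the output folder to administrators.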