Ask Your Question

Remote Tshark PCAP dump.

asked 2018-04-05 14:55:51 +0000

SlayeR_Kev gravatar image

Hi Guys,

I am hoping someone can assist.

I am looking to setup a remote dump of the pcap info that I get off of my VOIP system.

I am running TShark on the VOIP system (Ubuntu) and would like to view the PCAP files off a fileshare with WireShark. The reason for this is the VOIP system has very limited storage so having the packet capture info dump remotely is vital.

Does anyone know if this is possible ?

Kind Regards,

edit retag flag offensive close merge delete

1 Answer

Sort by ยป oldest newest most voted

answered 2018-04-05 17:11:40 +0000

Jaap gravatar image

Does this help? It basically uses dumpcap (the capture engine) on the remote platform (your VoIP box) from the capture host. If you set it up so that the output from the SSH tunnel is put into a file, than that's your capture file. Or load it directly in Wireshark and save from there, if that suits your use case.

edit flag offensive delete link more

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account.

Add Answer

Question Tools

1 follower


Asked: 2018-04-05 14:55:51 +0000

Seen: 496 times

Last updated: Apr 05 '18