Running WireShark Version 4.2.5 on Windows Server, I started network capture but could not stop, because the option (capture>stop) got disabled when I tried to stop. With no workaround, I had to use Task Manager to end the wireshark task -- losing the (unsaved) traffic.
Can you suggest any work around, or some troubleshooting tips?
First of all, if you kill wireshark from the task manager, the running capture file still exists in the folder pointed to by Temp in the Folders tab of About Wireshark. So you will be able to retrieve the captured data.
When a capture can't be stopped, it is usually because of the traffic load, not sure if this is already reported as a bug, but I think it would qualify as one, you can file a bug report by opening an 'Issue' on https://gitlab.com/wireshark
Possible workarounds:
update packet list while capturing in the capture optionsdumpcap instead of Wireshark to do the capturing (my preferred option)Asked: 2024-07-17 20:23:20 +0000
Seen: 259 times
Last updated: Jul 18