Ask Your Question

tshark and bash script to log network interfaces

asked 2018-12-02 18:03:09 +0000

ns3new gravatar image

Hello I am very new to bash scripting and I am currently looking to make a very basic bash script to log out data from my network interfaces using tshark and write to a file , with splitting the file after every 60 s. in a native linux system Also I wanted to log out multiple threads at the same time. What I wanted to achieve was to start logging of the different interfaces at the same time. I am not sure if t shark supports it . I tried the following commands

I am logging and writing out to file in the following order

sudo tshark -i ens33 -b duration:60 -w folder1/

Where I try to log in one folder . And to try with -t argument , I tried the following but it did not work

sudo tshark -i ens3s0f1 -b duration:60 -w folder1/ -i ens33 -b duration:60 -w folder2 /

so basically i have to execute the

sudo tshark -i ens33 -b duration:60 -w folder1/

sudo tshark -i ens3s0f1 -b duration:60 -w folder2/

In the bash script . Is it even possible to have tshark running in a bash script ?

edit retag flag offensive close merge delete

1 Answer

Sort by ยป oldest newest most voted

answered 2018-12-02 18:40:51 +0000

grahamb gravatar image

A number of observations:

  1. Don't use sudo to run tshark\wireshark. Instead fix your capture permissions.
  2. As you aren't filtering, you don't actually need to use tshark, use the simpler dumpcap.
  3. Both dumpcap or tshark can accept multiple inputs (-i) but can only have one output (-w). You need to run multiple processes to write to different directories.
  4. To run multiple processes in bash, append an '&' to the process to put it in the background, e.g. dumpcap -i ens33 -b ... &.
edit flag offensive delete link more

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account.

Add Answer

Question Tools

1 follower


Asked: 2018-12-02 18:03:09 +0000

Seen: 468 times

Last updated: Dec 02 '18