Wireshark not detecting file sets

asked 2019-01-04 18:08:00 +0000

swinster
1 ●1 ●3 ●2

Hey,

v2.6.5

I have three files in a folder:

cnsfb_1.pcap
cnsfb_2.pcap
cnsfb_3.pcap

However, opening up the first file and navigating to File -> File Sets -> List Files, I do not see any of the other files listed.

I have tried this several times with different prefixes and suffices, but no joy.

answered 2019-01-04 18:23:07 +0000

grahamb

flag of United Kingdom of Great Britain and Northern Ireland

23790 ●4 ●950 ●227 https://www.wireshark.org

Using files created with a ring buffer capture option (-b) seems to work with a file set. Such files are saved in the format <name>_ddddd_ttt.<suffix>

where:

<name> is the capture name.
ddddd is the "sequence" number of the capture file, i.e. 00001, then 00002 etc.
ttt is the time and date of the capture, e.g. 20190104181500.
<suffix> is the capture file extension, e.g. pcapng.

You seem to need both the sequence number and the date\time to make the File Set feature work.

edit flag offensive delete link

add a comment

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account.

Wireshark not detecting file sets

1 Answer

Your Answer

Question Tools

Stats

Wireshark not detecting file sets edit

1 Answer

Your Answer

Question Tools

Stats

Wireshark not detecting file sets