Dear reader,
I used the following line for getting the results in text file and it works fine. i.e. No notification messages in the error channel.
"C:\Program Files (x86)\Wireshark\tshark.exe" -Q -P -i 4 -Y "ip.dst==172.17.231.50&&icmp" -V -S 5%%%5 > C:\temp\output.txt
When trying to get the results in a pcap file, I received notification messages in the error channel.
"C:\Program Files (x86)\Wireshark\dumpcap.exe" -i 4 -w - | "C:\Program Files (x86)\Wireshark\tshark.exe" -Q -P -r - -Y "ip.dst==172.17.231.50&&icmp" -w "C:\temp\output.pcap"
Trying to add –P –Q to the first part yielded an error message saying: “C:\Program Files (x86)\Wireshark\dumpcap.exe: invalid option -- 'Q'”
"C:\Program Files (x86)\Wireshark\dumpcap.exe" -Q -P -i 4 -w - | "C:\Program Files (x86)\Wireshark\tshark.exe" -Q -P -r - -Y "ip.dst==172.17.231.50&&icmp" -w "C:\temp\output.pcap" C:\Program Files (x86)\Wireshark\dumpcap.exe: invalid option -- 'Q'
Is there a proper way of getting the captured packets into a pcap file without any notification messages in the error channel?
(The double backslash is because I’m activating the command with python)
