New to Wireshark

Hi everyone,

I am pretty new to Wireshark, and I would like to monitor the activity in my network. It seems like we have some suspicious activity and I am trying to find the source of it.

I have a few questions.

  1. I would like to save a record of all the activity that happened in the network every once in a while, so I can go back and look at past logs. I see that the recommended way to do it is by megabytes (after reaching a certain number of megabytes, a file will be created and saved automatically). What is the recommended number of megabytes to use for this log? After how many megabytes should I ask the system to save the log?

  2. Is it possible to save multiple logs, or, once a new log is created, would it delete the previous log?

  3. Is there an option of checking a timestamp for the packets? I can only see time passed since Wireshark was activated, but not an actual time. Is it possible to see the time that the packet was sent?

Thank you,