Am new to tshark.I wanto capture some ipp data using wireshark for that am using following tshark terminal commnd
In the above command am setting a duration of 20 sec after that tshark execution wil stop automaticlly and created an xml file it is working properly fine But some situations there is a delay in getting 'ipp' data and after 20 sec tashark caputing will stops .due this am not able to caputure the data.it exits after 20 sec. when i increase the time delay i will get the full data as xml file. Am looking another options like setting the file size and when the file size reaches particular kb stop tshark.for that i changed the tshar command as
am getting the error
How can i crerate an xml file with and when the file size reaches particular Kbs stop the tshark execution.also i need to use filter type as "ipp contains 02:00:00"(it will only outputs ipp packets data as xml) asked 23 Feb '15, 23:55 kichuz edited 23 Feb '15, 23:58 |
One Answer:
You could try a 2-step approach? First, capture general traffic of interest using
Once
answered 24 Feb '15, 09:10 cmaynard ♦♦ |