 | 1 | initial version |
I am sending packets from tshark into elasticsearch:
tshark -i ens5 -T ek -x -j -l
My issue is that the tmp file still has the initial packet in it and continues to grow:
capinfos /tmp/wireshark_ens5_20190411122510_JlODTv.pcapng | grep time First packet time:
2019-04-11 12:25:10.637409777 Last packet time: 2019-04-15
Is there any method of pruning the tshark tmp file after the data has been sent to elasticsearch?
10:01:01.738846534
I am sending packets from tshark into elasticsearch:
tshark -i ens5 -T ek -x -j -l
My issue is that the tmp file still has the initial packet in it and continues to grow:
capinfos /tmp/wireshark_ens5_20190411122510_JlODTv.pcapng | grep time First packet time:
2019-04-11 12:25:10.637409777 Last packet time: 2019-04-15
Is there any method of pruning the tshark tmp file after the data has been sent to elasticsearch?
10:01:01.738846534
