Wireshark mailing list archives

Re: Monitoring

From: M Holt <m.iostreams () gmail com>
Date: Sun, 16 May 2010 18:43:15 -0700

My apologies; I suppose I did not really answer your question.

So, I don't know of a way to monitor only, without saving a capture --
unless you are just going to watch via wireshark live.
That is to say, fire up wireshark or tshark, and just watch the packets go.

If you are on a *nix client, just use tcpdump.

Dumpcap is quit a bit easier on resources, because it does not load display
filters, so it can be used somewhat more discreetly.

I think I understand what you are saying, but I don't know of any other way
to view packets on the fly without saving them for later viewing.
The "quick view of what's going on", would be either wireshark, tshark or
tcpdump, live without saving the packets anywhere.

Hope that helps.

 -- Mike

On Sun, May 16, 2010 at 6:28 PM, mike () grounded net <mike () grounded net>wrote:

Sometimes, I just want to get a quick view of what's going on so monitor
for a while but the logging is what seems to use up all of the system
resources after a while.


On Sat, 15 May 2010 12:16:06 -0700, M Holt wrote:

Can you just use dumpcap with a ring buffer?  Then stop the capture once
the event you are looking for is seen:

http://www.wireshark.org/docs/man-pages/dumpcap.html

On Sat, May 15, 2010 at 10:02 AM, mike () grounded net <mike () grounded net>
wrote:

Any way of monitoring only, without a capture, until I need to capture?

___________________________________________________________________________
Sent via:    Wireshark-users mailing list <

wireshark-users () wireshark org>

Archives:    http://www.wireshark.org/lists/wireshark-users
Unsubscribe: https://wireshark.org/mailman/options/wireshark-users
           mailto:wireshark-users-
request () wireshark org?subject=unsubscribe



#avg_ls_inline_popup { position:absolute; z-index:9999; padding: 0px 0px;
margin-left: 0px; margin-top: 0px; width: 240px; overflow: hidden; word-
wrap: break-word; color: black; font-size: 10px; text-align: left; line-
height: 13px;}



___________________________________________________________________________
Sent via:    Wireshark-users mailing list <wireshark-users () wireshark org>
Archives:    http://www.wireshark.org/lists/wireshark-users
Unsubscribe: https://wireshark.org/mailman/options/wireshark-users
            mailto:wireshark-users-request () wireshark org
?subject=unsubscribe

___________________________________________________________________________
Sent via:    Wireshark-users mailing list <wireshark-users () wireshark org>
Archives:    http://www.wireshark.org/lists/wireshark-users
Unsubscribe: https://wireshark.org/mailman/options/wireshark-users
             mailto:wireshark-users-request () wireshark org?subject=unsubscribe

Current thread:

Monitoring mike () grounded net (May 15)
- Re: Monitoring M Holt (May 15)
  - Re: Monitoring mike () grounded net (May 16)
    - Re: Monitoring M Holt (May 16)
    - Re: Monitoring mike () grounded net (May 16)
    - Re: Monitoring Kevin Cullimore (May 16)
    - Re: Monitoring mike () grounded net (May 19)
    - Re: Monitoring Kevin Cullimore (May 19)
    - Re: Monitoring mike () grounded net (May 20)
    - Re: Monitoring Jaap Keuter (May 20)
    - Re: Monitoring Kevin Cullimore (May 21)
    - Re: Monitoring Jaap Keuter (May 21)