Wireshark mailing list archives

Faster: tshark or tcpcump?

From: Chip <jeffschips () gmail com>
Date: Sun, 30 Oct 2011 17:43:51 -0400

For grabbing only the endpoint ips for https and http traffic, which isfaster when dealing with high-bandwidth traffic, tshark or tcpdump?

I need to grab only the end to end point ips along with timestamp, infiles, preferably in multiple files after a certain size limit.


This will be traffic gleaned from a in line tap.

Thank you.
___________________________________________________________________________
Sent via:    Wireshark-users mailing list <wireshark-users () wireshark org>
Archives:    http://www.wireshark.org/lists/wireshark-users
Unsubscribe: https://wireshark.org/mailman/options/wireshark-users
            mailto:wireshark-users-request () wireshark org?subject=unsubscribe

Current thread:

Faster: tshark or tcpcump? Chip (Oct 30)
- Re: Faster: tshark or tcpcump? Guy Harris (Oct 30)