Sunday, October 2, 2016

TSHARK - Wireshark bundled CLI tool

A useful command-line tool bundled with Wireshark. It is less resource-intensive than the GUI-based Wireshark and has many parameters for quick, custom-made captures.

List local computer interfaces with: tshark -D

Quick capture directed to screen (8 is the interface number from the interface list): tshark -i 8




Quick capture direct to a file: tshark -i 8 -w c:\users\richard\allpkts.pcapng


Monitor ping statistics (Service Response Times): tshark -i 8 -qz icmp,srt



Filter a packet capture file for a particular IP address and create a smaller packet capture file:
"c:/program files (x86)/wireshark/tshark.exe" -r dropped_packets_capture.pcapng -Y "ip.addr==192.168.72.177" -w filtered.pcapng



Full tshark command description here:
https://www.wireshark.org/docs/man-pages/tshark.html

