Wireshark-users: Re: [Wireshark-users] Monitoring
From: "mike@xxxxxxxxxxxx" <mike@xxxxxxxxxxxx>
Date: Sun, 16 May 2010 20:56:03 -0500
No problem, that does answer my question and thanks, now I know so won't keep trying to find a way. I mostly have linux servers with a handful of win machines. Mike On Sun, 16 May 2010 18:43:15 -0700, M Holt wrote: > My apologies; I suppose I did not really answer your question. > > So, I don't know of a way to monitor only, without saving a capture -- > unless you are just going to watch via wireshark live. > That is to say, fire up wireshark or tshark, and just watch the packets go. > > If you are on a *nix client, just use tcpdump. > > Dumpcap is quit a bit easier on resources, because it does not load display > filters, so it can be used somewhat more discreetly. > > I think I understand what you are saying, but I don't know of any other way > to view packets on the fly without saving them for later viewing. > The "quick view of what's going on", would be either wireshark, tshark or > tcpdump, live without saving the packets anywhere. > > Hope that helps. > > -- Mike > > On Sun, May 16, 2010 at 6:28 PM, mike@xxxxxxxxxxxx <mike@xxxxxxxxxxxx> > wrote: >> Sometimes, I just want to get a quick view of what's going on so monitor >> for a while but the logging is what seems to use up all of the system >> resources after a while. >> >> >> On Sat, 15 May 2010 12:16:06 -0700, M Holt wrote: >>> Can you just use dumpcap with a ring buffer? Then stop the capture once >>> the event you are looking for is seen: >>> >>> http://www.wireshark.org/docs/man-pages/dumpcap.html >>> >>> On Sat, May 15, 2010 at 10:02 AM, mike@xxxxxxxxxxxx <mike@xxxxxxxxxxxx> >>> wrote: >>>> Any way of monitoring only, without a capture, until I need to >>>> capture? >>>> >>>> ___________________________________________________________________________ >>>> Sent via: Wireshark-users mailing list <wireshark- >>>> users@xxxxxxxxxxxxx> >>>> Archives: http://www.wireshark.org/lists/wireshark-users >>>> Unsubscribe: https://wireshark.org/mailman/options/wireshark-users >>>> mailto:wireshark-users- >>>> request@xxxxxxxxxxxxx?subject=unsubscribe >>> >> >>> #avg_ls_inline_popup { position:absolute; z-index:9999; padding: 0px >>> 0px; >>> margin-left: 0px; margin-top: 0px; width: 240px; overflow: hidden; word- >>> wrap: break-word; color: black; font-size: 10px; text-align: left; line- >>> height: 13px;} >> >> >> ___________________________________________________________________________ >> Sent via: Wireshark-users mailing list <wireshark-users@xxxxxxxxxxxxx> >> Archives: http://www.wireshark.org/lists/wireshark-users >> Unsubscribe: https://wireshark.org/mailman/options/wireshark-users >> mailto:wireshark-users- >> request@xxxxxxxxxxxxx?subject=unsubscribe > > > #avg_ls_inline_popup { position:absolute; z-index:9999; padding: 0px 0px; > margin-left: 0px; margin-top: 0px; width: 240px; overflow: hidden; word- > wrap: break-word; color: black; font-size: 10px; text-align: left; line- > height: 13px;}
- References:
- Re: [Wireshark-users] Monitoring
- From: M Holt
- Re: [Wireshark-users] Monitoring
- Prev by Date: Re: [Wireshark-users] Monitoring
- Next by Date: Re: [Wireshark-users] Monitoring
- Previous by thread: Re: [Wireshark-users] Monitoring
- Next by thread: Re: [Wireshark-users] Monitoring
- Index(es):