I have a problem with wireshark creating multiple files. I try to capture the network trafic for several days on a system with the following options: -use multiple files -next file every 2 megabytes -ring buffer with 9999 files
unfortunaly this doesn't work! There are two different things happening. 1. the system opens several wiresharkwindows which all tell me "closing files" but nothing happens. 2. the wireshark application crashes with an Application error Event ID 1000. The system had already created 800 capture files saved at this time, but then it stops with this application error....
wireshark version is 188.8.131.52520 and it runs on Windows 2008 Server
Sorry for my bad english, but I'm from Germany and still learning....
I would be happy to hear from you. Any help will be appreciated! Please let me know if further information or data is required!
Thanks & Regards Wolfgang
asked 16 Sep '13, 04:46
edited 16 Sep '13, 04:47
Take a look at this: http://blog.packet-foo.com/2013/05/the-notorious-wireshark-out-of-memory-problem/
answered 16 Sep '13, 04:51
See also this question and note the answer from @cmaynard.
answered 16 Sep '13, 05:18