Hello, I'm building a new server and installed Wireshark and it keeps crashing. I have spanned a port off our Cisco switch which is basically our WAN link to our remote offices, so lots of data. The server is a Dell R710 CPU: 2 x Xeons 2.27Ghz Mem: 20GB HD: SAS 500GB (RAID6) OS: Windows 2012 R2 64bit I've set Wireshark to create multiple after 5 mins (2gb a file), but after 20 mins it crashes and I have multiple Wireshark windows open. Any ideas on what I can do? asked 12 Feb '15, 01:57  gonzo |
One Answer:
answered 12 Feb '15, 02:03  Jasper ♦♦ showing 5 of 7 show 2 more comments |
Thanks, it could be a different issue as it crashed after 2 mins and only used 1.7GB of 20GB.
And spits this out:
Problem signature: Problem Event Name: APPCRASH Application Name: Wireshark.exe Application Version: 1.12.3.0 Application Timestamp: 54ad9bac Fault Module Name: libwireshark.dll Fault Module Version: 1.12.3.0 Fault Module Timestamp: 54ad9a8c Exception Code: c0000005 Exception Offset: 00000000000122d7 OS Version: 6.3.9600.2.0.0.272.7 Locale ID: 2057 Additional Information 1: b911 Additional Information 2: b911134c916a531e14249c0801bebd15 Additional Information 3: b0bf Additional Information 4: b0bf9c0f8d87a9670fe011511bbca199
I'd say try dumpcap and see if it works ;-)
let me look into this, thanks.
Seems to be working much better, can I merge more that 2 files together in Wireshark? I'm outputting files every 5 mins and need about 30 mins worth merged.
yes, either via the file menu, or using mergecap (another command line tool) with the -a parameter
Via the menu it seems to only let me select 2 files to merge, the one I have currently open and only one more, does mergecap allow me to do muiltiple in one go?
ah I worked it out, I have to save the capture after adding the first merge file to my current one.