is there any way to run Wireshark in "statistics mode", I mean without actually capturing large files? I am only interested in statistics and conversations (who is talking with each other on the network) and I don't want to capture all packets in large files.
I plan to run Wireshark in "statistic mode" for a day or even longer, so a dumpfile would become very large.
Best regards, Volker
asked 24 Jul '15, 02:28
No, Wireshark (actually, dumpcap) always writes packets to disk. If you need statistics you might want to look at NetFlow collection, which seems to be more what you need.
answered 24 Jul '15, 03:21