Hello, I am fairly new to Wireshark and need some help. In the past I have installed Wireshark on Windows, created a scheduled task, that ran a command similar to this: c:\Program Files\Wireshark>tshark -i 1 -a duration:3600 -w c:\WiresharkCapture\test What this did was at a specified time, it would start a Wireshark scan and break it up into a bunch of files every so many minutes and then dump it into a folder. This worked great. However, I am on a Linux (Debian) machine, and don't know how to go about creating the same type of results. Can someone please help? Thank you. asked 19 Apr '16, 10:34  darmstrong |
One Answer:
You would do (almost) the same as on Windows, with the difference, that the scheduler on Linux is cron. Please read that and then add a cron job with similar tshark parameters as shown in your question. You'll have to change the path to something Linux like (-w /var/tmp/test). Regards answered 19 Apr '16, 13:29  Kurt Knochner ♦ edited 19 Apr '16, 13:29 |
