We are having an intermittent issue where clients cannot access a config file on the DB server. I would like to set up Wireshark (v2.0.4) to continually capture because of the randomness of the occurrences. Is there a way to set up a capture that will auto delete the trace files so that they don't fill up a drive while continuously capturing? asked 20 Jun '16, 06:32  jaysack edited 20 Jun '16, 08:23  Bill Meier ♦♦ |
One Answer:
Yes, you'll have to look at dumpcap, the capture engine, and feeding it '-b' options to setup a ring buffer. Once you've identified a time where problems occurred pick up that capture file and analyze it. So you'll have a tradeoff between storage size needed vs reaction time to retrieve the capture before it's removed. answered 20 Jun '16, 06:50  Jaap ♦ |
