We are having an intermittent issue where clients cannot access a config file on the DB server. I would like to set up Wireshark (v2.0.4) to continually capture because of the randomness of the occurrences. Is there a way to set up a capture that will auto delete the trace files so that they don't fill up a drive while continuously capturing?
asked 20 Jun '16, 06:32
edited 20 Jun '16, 08:23
Bill Meier ♦♦
Yes, you'll have to look at dumpcap, the capture engine, and feeding it '-b' options to setup a ring buffer. Once you've identified a time where problems occurred pick up that capture file and analyze it. So you'll have a tradeoff between storage size needed vs reaction time to retrieve the capture before it's removed.
answered 20 Jun '16, 06:50