I have run tshark for a duration of 5 sec, and saved the tshark output to a .pcap file. Then I have run C5 Sigma on this file. It creates the MySQL database successfully but I have a couple of problems: The problem I am facing is thousands of warnings of the form [WARNING] - Unknown field: something.. and the processing time. Complete paste of logs here. For example for a 921KB .pcap file having (1085 packets), it printed 2021065 warnings and took about 8.45 minutes to run. More interestingly, when I tried to pass a path to an empty folder (in Windows) to the --inputpath parameter, and it still took 7 minutes to process, and printed 2021065 warnings. So I have two questions: How can I lessen the processing time of C5 Sigma? What are these fields that C5 Sigma is generating warnings about? Has anyone else faced this problem? Any tips or suggestions or advice is welcome. asked 16 Aug '16, 00:44  Jesss closed 16 Aug '16, 03:11  grahamb ♦ |
This is a static archive of our old Q&A Site.
Please post any new questions and answers at ask.wireshark.org.
You'll have to go to the folks who make C5 Sigma for support on their product.
As such, this is off-topic for this site.