We need to tracing at the same time every day until we can nail down a problem we are having with our system (which is intermittent). It is a machine with multiple interfaces but only one is involved in the problem.
When we start up wireshark on the server and have it write to a file it locks up / dies after about 50 minutes. If I look at the memory on the box I can see that it climbs and climbs and climbs until there is no more memory for WS to grab.
Rather than try to fix wireshark we want to log on, run a batch file which will start wireshark for us, have it create files of 100MB each and just keep creating file after file until 45 minutes have passed, then it will shut down. (In the batch file it will then start up again but that is not the issue).
Currently I cannot get the app to create multiple files for X amount of time, here is the entire bat file, (below that is the line that starts the app):
**Note: this bat uses shorter times and smaller files to prove function before going for the full length:
this is my command line currently:
Any ideas how to fix this?
We are using WS because we periodically check what is happening and examine some of the packets as they are coming in so we want to be able to see them.
asked 13 Sep '11, 13:32
edited 14 Sep '11, 04:00
The Out of Memory bug is well-known. You should use dumpcap for this task, although you could use tshark if you want to watch the capture while it's in progress. Automating the Wireshark GUI is not a readily scriptable task. You can always review files created with dumpcap or tshark with Wireshark post-mortem for further in-depth analysis.
answered 13 Sep '11, 13:48