I am running the following command line to capture large files but I would like the logs to be created in my log folder under the Wireshark folder dumpcap -b files:10000 -b filesize:10000 -w logs.pcap I have tried all sorts of option to make it create the file in that folder but nothing seems to work This question is marked "community wiki". asked 12 Mar '12, 04:15  DirtRider |
2 Answers:
If I read your question correctly you want to have the files containing the captured data in a sub directory of your Wireshark installation directory? And I assume you're running Windows Vista or Windows 7? In that case you're not allowed to write to the "program files" folders since the UAC (User Access Control) settings probably denies access to it. You can disabled UAC, but I advise against it - times are dangerous, and Worms/BotNets/Viruses (Virii?) never sleep. Better rethink your capture strategy save the files to a folder that you are allowed to write to. If I'm not assuming the correct OS environment you'll need to elaborate ;-) answered 12 Mar '12, 04:51  Jasper ♦♦ edited 12 Mar '12, 04:52 |
What is your OS? On Windows putting the path in the -w option works for me: dumpcap.exe -i 2 -b files:1000 -b filesize:1000 -w C:\temp\caps\log.pcap I get multiple files in the the C:\temp\caps directory. answered 12 Mar '12, 04:45  grahamb ♦ edited 12 Mar '12, 04:53 It will be both Win7 and XP, I cannot get it to make it in the correct folder It now makes a file in the root of c:
(12 Mar '12, 05:01) DirtRider As Jasper mentioned in his answer you don't normally have write access to the Program Files directory on Win 7. Create a directory somewhere else, e.g. C:\temp\caps and try that. (12 Mar '12, 05:05) grahamb ♦ |
(Converted to a comment in keeping with the format of ask.wireshark.org; Please see the FAQ).
Ok not to worry I set it as this and it now works, thanks for the help. Made up a small bat file to run