THIS IS A TEST INSTANCE. Feel free to ask and answer questions, but take care to avoid triggering too many notifications.
Ask Your Question

Revision history  [back]

Revision 1
Guy Harris's avatar
19.9k
Guy Harris
answered 2019-04-15 20:21:17 +0000

Is there any method of pruning the tshark tmp file after the data has been sent to elasticsearch?

No. There is, at best, a method for discarding packets once more than a certain number have been written - the ring buffer option mentioned by @Jaap.

See bug 2743.