First time here? Check out the FAQ!
THIS IS A TEST INSTANCE. Feel free to ask and answer questions, but take care to avoid triggering too many notifications.
Ask Your Question
0

how can i write in different files without the -w option ?

Hi, i have to write into different files (1/hour) and i can't use -w because i don't want raw data.

an exemple :

tshark -Y ... -b files:24 -b interval:3600 -i Ethernet -T json -t u -e frame.time -e a -e b -e ip.src >> text.json

is it possible, and how ?

polo's avatar
1
polo
asked 2023-01-04 09:49:01 +0000
edit flag offensive 0 remove flag close merge delete

Comments

add a comment see more comments

1 Answer

0

Split into two tasks:
Use dumpcap to create the capture files
Have a second script that watches for new files then processes it with tshark

Chuckc's avatar
3k
Chuckc
answered 2023-01-04 15:19:04 +0000
edit flag offensive 0 remove flag delete link
more

Comments

add a comment see more comments

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account. This space is reserved only for answers. If you would like to engage in a discussion, please instead post a comment under the question or an answer that you would like to discuss.

Add Answer