Revision history [back]
Starting and stopping capturing and saving data through command-line (Windows 10).
I'm trying to troubleshoot a network issue on a Windows computer. What I have done through Wireshark GUI was:
Start Wireshark with a .lua file for customized protocol.
Start capturing with filtering, file writing and ring buffer.
Stop capturing when the error is observed and save data.
Now I want to automatize this process, because the error may happen in several days or even weeks. There will be a script monitoring the occurrence of the error. So my questions are:
If I go with Wireshark, can I start/stop capturing and save the remaining data in memory to data file through command line?
If I go with dumpcap, except for the question above with Wireshark, does dumpcap support loading a .lua file for filtering?