Wireshark-users: Re: [Wireshark-users] how to start Wireshark automatically at each boot-up?
Agreed. I'm really not sure what you're trying to accomplish with
Wireshark here. If you're simply looking for a report of how much
data has been transmitted and received, surely you don't want to
CAPTURE and SAVE all of that data - just know how much transferred?
There are a number of freeware utilities, depending on your OS,
designed to report and calculate Internet usage, that require much
less overhead than Wireshark..
Depending on what traffic is important to you (or more specifically,
if only a subset of traffic you transfer is important or not), you
might be able to just look at periodic outputs of "netstat -i".
If you're looking for a text-based report, you may want to consider
using "tshark", the "-z io,stat" option (and redirect output to a
file), and possibly a script that restarts tshark periodically.
Or if you really need to capture the data, dumpcap would be MUCH more
appropriate for long-term captures.
On Fri, Jan 15, 2010 at 2:31 AM, Bill Meier <wmeier@xxxxxxxxxxx> wrote:
> Karthik Balaguru wrote:
>
> One comment:
>
> Using Wireshark directly is not suitable for long-term captures. It
> dissects frames as they are received and accumulates info in memory
> about the frames. It will thus use more and more memory as time goes on.
>
> The program which should be used is Dumpcap (installed along with
> Wireshark & etc) which is the program invoked by Wireshark to capture data.
>
> Dumpcap can be used to just write a capture to a file (or files).
>
> See the man page, the User's Guide and etc for more information.
>
> ___________________________________________________________________________
> Sent via: Wireshark-users mailing list <wireshark-users@xxxxxxxxxxxxx>
> Archives: http://www.wireshark.org/lists/wireshark-users
> Unsubscribe: https://wireshark.org/mailman/options/wireshark-users
> mailto:wireshark-users-request@xxxxxxxxxxxxx?subject=unsubscribe
>