Wireshark-users: Re: [Wireshark-users] Monitoring

Date: Wed, 19 May 2010 13:22:49 -0500
Yes, I use a lot of tools: ntop, iftop, lots of tops :). I also use ossim, which is incredibly comprehensive, but every tool has its use. Sometimes just watching the packets using wireshark helps; plus, I just happen to be at that station so end up using it. No big deal, but would have been nice if it had a monitor feature which doesn't capture, perhaps even has a little selectable delay setting so that things don't go by so quickly.

Mike


On Sun, 16 May 2010 21:55:46 -0400, Kevin Cullimore wrote:
> On 5/16/2010 9:28 PM, mike@xxxxxxxxxxxx wrote:
> 
>> Sometimes, I just want to get a quick view of what's going on so monitor
>> for a while but the logging is what seems to use up all of the system
>> resources after a while.
>> 
>> 
> A different tool might provide you with a decent ongoing overview of
> network activity. When customers are interested in this functionality, I
> have them run NTOP, and instruct them to turn up a machine running
> wireshark when they feel the need to drill down to byte/bit-level details.
>> On Sat, 15 May 2010 12:16:06 -0700, M Holt wrote:
>> 
>>> Can you just use dumpcap with a ring buffer?  Then stop the capture once
>>> the event you are looking for is seen:
>>> 
>>> http://www.wireshark.org/docs/man-pages/dumpcap.html
>>> 
>>> On Sat, May 15, 2010 at 10:02 AM, mike@xxxxxxxxxxxx<mike@xxxxxxxxxxxx>
>>> wrote:
>>> 
>>>> Any way of monitoring only, without a capture, until I need to
>>>> capture?
>>>> 
>>>> ___________________________________________________________________________
>>>> Sent via:    Wireshark-users mailing list <wireshark-users@xxxxxxxxxxxxx>
>>>> Archives:    http://www.wireshark.org/lists/wireshark-users
>>>> Unsubscribe: https://wireshark.org/mailman/options/wireshark-users
>>>>              mailto:wireshark-users-request@xxxxxxxxxxxxx?subject=unsubscribe
>>> 
>>> 
>>> 
>> 
>> 
> 