Thanks for the response , If I break files down into many pcap files is there any way that I can have access to all those broken files. Like if I select follow stream option would it be possible to get streams that are in the other broken files.
Thanks
MK
On Fri, Jul 9, 2010 at 3:57 PM, Guy Harris
<guy@xxxxxxxxxxxx> wrote:
On Jul 9, 2010, at 12:46 PM, Maverick wrote:
> I have huge pcap files in Gbs which I want to analyze using wireshark but wireshark is extremely slow and crashes while opening those files. I tried breaking those files into smaller files but thats not very good solution as I have to open up each file and sometime relationship between files gets lost.
>
> Is there a decent way to handle huge files in wireshark .
For now, the only way is "use a 64-bit version of Wireshark, make sure you have enough disk space/swap space to back up a large virtual address space, and live with the slowness".
There may be changes in the future to reduce the memory requirements, but they're not trivial to make.
___________________________________________________________________________
Sent via: Wireshark-users mailing list <wireshark-users@xxxxxxxxxxxxx>
Archives: http://www.wireshark.org/lists/wireshark-users
Unsubscribe: https://wireshark.org/mailman/options/wireshark-users
mailto:wireshark-users-request@xxxxxxxxxxxxx?subject=unsubscribe