PS I have a workaround - that's reading directly from STDOUT but I am limited by the buffer size. Does anyone know if there is a problem passing the ">" character using Run command? Is there any other problem with my script? ![]() But I would like to redirect the output of tshark to a file using this tshark syntax. The problem lies at the "> logs.txt" string. TShark is designed as a CLI or command-line interface of Wireshark for capturing and analyzing packets right from the CLI. If you really, really want to use libwireshark directly, you will need to resolve all of its dependencies somehow (preferably by making it an actual stand-alone library) and provide for the assumptions it makes about Wireshark (or tshark) actually being running. My conclusion is that the Run command is not passing correctly the string to tshark. #include $bytePatternList = "" "ip = 0x40" "" $captureInterface = "\Device\NPF_ -z io,phs > logs.txtĬapturing on Intel® PRO/1000 EB Network Connection with I/O Acceleration ![]() I am trying to start a tshark packet capture using the following script:
0 Comments
Leave a Reply. |