Run Wireshark from a batch file

The following batch file calls Wireshark and carries out a capture without the gui component. The following script is based upon a 50MByte file with a rolling buffer of 50 files.

 

@echo off

# # -p disable promiscous mode

# -i specify interface use “tshark -D” to identify

# -w where to save files

# -b filesize in KB

# -b number of files to loop

#

cd “Program Files\Wireshark”

tshark -p -i “\Device\NPF_{AD47A206-AC68-4A33-8D45-75B59D330695}” -w D:\WIRESHARK_LOGS\Tuesday\tshark-out.pcap -b filesize:50000 -b files:50

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: