Wireshark Captures with Dumpcap

In this video, learn how to use a dumpcap utility that streamlines scheduling of packet captures.

Tony Fortunato

February 23, 2018

1 Min Read
NetworkComputing logo in a gray background | NetworkComputing

One of the tricky things about troubleshooting with network protocol analysis is getting comfortable with unattended capture when you need to start a capture at a specific time. There are three ways to approach this with Wireshark:

  1. Write a script or macro that will navigate around the screen’s GUI and start/stop the capture.

  2. Use the Tshark Wireshark utility and a scheduling program

  3. Use the dumpcap Wireshark tool and a scheduling program

The problem with the first option is that if anything on the screen is repositioned, the script will fail. There has always been quite a debate over Tshark and dumpcap. I can safely say that when performance is a concern, dumpcap is the clear winner.

This is where DumpcapUI from Douglas A. Dietz comes in. This portable utility allows you to configure some of the more common dumpcap features using a GUI interface and configure a task in your Microsoft Scheduler.

In this video, I show how to get started with DumpcapUI.

I strongly recommend testing your configuration before scheduling or going live with any configuration and to use ring buffers for long-term capture. Also, use file size as your “Next file every” option instead of time.  Unless you have a really good grasp of filtering and what traffic to expect, you have no idea how much traffic you will capture within a given time frame. Please see my previous video on large packet capture.  

null

dumpcap.png

About the Author

Tony Fortunato

Tony Fortunato

Sr Network Performance Specialist

Tony Fortunato is a network performance expert who has been designing, implementing and troubleshooting networks since 1989. His company, The Technology Firm, provides clients of all sizes with services ranging from project management, network design, consulting, troubleshooting, designing custom-designed training courses, and assisting with equipment installation. Tony's experience in networking started with financial trading floor networks and ISPs, where he learned to integrate and support equipment from various vendors. Tony has taught and presented at numerous colleges and universities, public forums and private classes. He blogs frequently at NetworkDataPediaand has a popular YouTube channel.

See more from Tony Fortunato
SUBSCRIBE TO OUR NEWSLETTER
Stay informed! Sign up to get expert advice and insight delivered direct to your inbox
Sign-Up

You May Also Like

More Insights
Webinars
More Webinars
Reports
More Reports

Editor's Choice

Integrating the new APs into Dartmouth’s existing network infrastructure was no small feat. Mist’s AI-driven insights made this easier.
Network Management
How Dartmouth College Leveraged AI To Modernize Its Network in One Weekend
How Dartmouth College Leveraged AI To Modernize Its Network in One Weekend

Sep 12, 2024

Extensive communications outages from Hurricane Helene drive home the need for new approaches to strengthen network resiliency.
Network Resilience
Hurricane Helene Communications Outages Show Need for Greater Network Resilience
Hurricane Helene Outages Show Need for Greater Network Resilience

Oct 3, 2024

Satellite services could bridge the digital divide in remote areas through partnerships like the SoftBank-Intelsat collaboration announced last month.
Network Infrastructure
Intelsat, SoftBank Plan Ubiquitous Satellite Connectivity Network
Intelsat, SoftBank Plan Ubiquitous Satellite Connectivity Network

Oct 9, 2024

Webinars
More Webinars
White Papers
More White Papers
Reports
More Reports
Live Events
More Live Events