Fun at zangOOr Click Here
2 like 0 dislike
46 views
I would like to get the logs between specific time from too large wireshark file and get particular call id logs from that file
in Education & Reference by (640 points) | 46 views

1 Answer

0 like 0 dislike

Editcap to cut the large file into small on basis of timestamp

editcap -v -A '2021-06-06 12:46:56' -B '2021-06-06 14:46:57'
source.pcap dest.pcap

Tshark is used to capture now the particualar call id data
> tshark -r source.pcap -R 'sip.Call-ID =="123456689"' -w ./newDest.pcap

by (950 points)

Related questions

2 like 0 dislike
1 answer
1 like 0 dislike
1 answer
1 like 0 dislike
1 answer
3 like 0 dislike
1 answer
asked May 27 in Education & Reference by Yogi (360 points) | 82 views
2 like 0 dislike
0 answers
asked May 31, 2020 in Education & Reference by Marc (3.3k points) | 121 views
2 like 0 dislike
2 answers
asked May 30, 2020 in Education & Reference by john (80 points) | 207 views
0 like 0 dislike
1 answer
1 like 0 dislike
1 answer
asked Jan 4, 2018 in Education & Reference by Simmi (640 points) | 231 views
2 like 1 dislike
2 answers
asked Nov 29, 2017 in Education & Reference by Sam (1.4k points) | 2.0k views

Where your donation goes
Technology: We will utilize your donation for development, server maintenance and bandwidth management, etc for our site.

Employee and Projects: We have only 15 employees. They are involved in a wide sort of project works. Your valuable donation will definitely boost their work efficiency.

How can I earn points?
Awarded a Best Answer 10 points
Answer questions 10 points
Asking Question -20 points

1,244 questions
1,398 answers
564 comments
4,809 users