Fun at zangOOr Click Here
2 like 0 dislike
7 views
in Education & Reference by (640 points)
I would like to get the logs between specific time from too large wireshark file and get particular call id logs from that file

1 Answer

0 like 0 dislike
by (950 points)

Editcap to cut the large file into small on basis of timestamp

editcap -v -A '2021-06-06 12:46:56' -B '2021-06-06 14:46:57'
source.pcap dest.pcap

Tshark is used to capture now the particualar call id data
> tshark -r source.pcap -R 'sip.Call-ID =="123456689"' -w ./newDest.pcap

Related questions

2 like 0 dislike
1 answer 82 views
1 like 0 dislike
1 answer 68 views
1 like 0 dislike
1 answer 99 views
3 like 0 dislike
1 answer 21 views
2 like 0 dislike
0 answers 97 views
2 like 0 dislike
2 answers 166 views
0 like 0 dislike
1 answer 111 views
1 like 0 dislike
1 answer 212 views
2 like 1 dislike
2 answers 1.8k views

Where your donation goes
Technology: We will utilize your donation for development, server maintenance and bandwidth management, etc for our site.

Employee and Projects: We have only 15 employees. They are involved in a wide sort of project works. Your valuable donation will definitely boost their work efficiency.

How can I earn points?
Awarded a Best Answer 10 points
Answer questions 10 points
Asking Question -20 points

...