Claim your Biolink Click Here
3 like 0 dislike
309 views
I would like to get the logs between specific time from too large wireshark file and get particular call id logs from that file
in Education & Reference by (820 points) | 309 views

1 Answer

0 like 0 dislike

Editcap to cut the large file into small on basis of timestamp

editcap -v -A '2021-06-06 12:46:56' -B '2021-06-06 14:46:57'
source.pcap dest.pcap

Tshark is used to capture now the particualar call id data
> tshark -r source.pcap -R 'sip.Call-ID =="123456689"' -w ./newDest.pcap

by (1.1k points)

Related questions

2 like 0 dislike
1 answer
1 like 0 dislike
1 answer
asked Oct 26, 2017 in Education & Reference by Sam (1.6k points) | 212 views
1 like 0 dislike
1 answer
3 like 0 dislike
1 answer
asked May 27, 2021 in Education & Reference by Yogi (460 points) | 546 views
2 like 0 dislike
0 answers
asked May 31, 2020 in Education & Reference by Marc (4.7k points) | 294 views
2 like 0 dislike
2 answers
asked May 30, 2020 in Education & Reference by john (80 points) | 561 views
0 like 0 dislike
1 answer
1 like 0 dislike
1 answer
asked Jan 4, 2018 in Education & Reference by Simmi (820 points) | 492 views
2 like 1 dislike
2 answers
asked Nov 29, 2017 in Education & Reference by Sam (1.6k points) | 4.2k views

Where your donation goes
Technology: We will utilize your donation for development, server maintenance and bandwidth management, etc for our site.

Employee and Projects: We have only 15 employees. They are involved in a wide sort of project works. Your valuable donation will definitely boost their work efficiency.

How can I earn points?
Awarded a Best Answer 10 points
Answer questions 10 points
Asking Question -20 points

1,310 questions
1,471 answers
569 comments
4,809 users