Solved

tshark capture filter

Posted on 2009-04-08
4
1,312 Views
Last Modified: 2012-05-06
Hello:

I would like a capture filter that allows me to capture everything *except* the data payload. I want all the header, frame and protocol stuff, just not the data.

Kind of like 'tshark -i eth0 -V -EXCLUDE_DATA_PAYLOAD > capture.txt

Does anyone know how to do this?
0
Comment
Question by:DesertShark2
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
4 Comments
 
LVL 16

Accepted Solution

by:
SteveJ earned 500 total points
ID: 24109073
The easiest way would just be to capture 40-60 bytes unless you have a very small number of protocols.

Good luck,
Steve
0
 

Author Comment

by:DesertShark2
ID: 24110443
OK, I will try that at 60 bytes and report.
0
 
LVL 16

Expert Comment

by:SteveJ
ID: 24111223
Hey  DesertShark2 . . . I am lazy and that seemed easier to me than having to define IP vs TCP vs UDP vs SMB vs SIP vs STP vs IGMP vs etc, etc, etc headers and the precision it would require.

Good luck,
Steve "Mr Lazy"
0
 

Author Closing Comment

by:DesertShark2
ID: 31568095
Wow, it was so easy all along...thanks!
0

Featured Post

Forrester Webinar: xMatters Delivers 261% ROI

Guest speaker Dean Davison, Forrester Principal Consultant, explains how a Fortune 500 communication company using xMatters found these results: Achieved a 261% ROI, Experienced $753,280 in net present value benefits over 3 years and Reduced MTTR by 91% for tier 1 incidents.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

So, you're experiencing issues on your network and you've decided that you need to perform some tests to determine whether your cabling is good.  You're likely thinking that you may need to spend money which you probably don't have on hiring/purchas…
PRTG Network Monitor lets you monitor your bandwidth usage, so you know who is using up your bandwidth, and what they're using it for.
Here's a very brief overview of the methods PRTG Network Monitor (https://www.paessler.com/prtg) offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…
This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're looking for how to monitor bandwidth using netflow or packet s…

732 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question