Solved

Wireshark command line

Posted on 2015-01-20
2
736 Views
Last Modified: 2015-02-05
I am using wirehshark tshark command line to extract host entries to a text file, I am using the below command which looks right from the tutorial but I get the error message tshark: -R without -2 is deprecated. For single-pass filtering use -Y.

Can anyone tell me what the above error means and what I am doing wrong.

C:\Program Files\Wireshark>tshark -r lim.pcapng -R http.host -T fields -e ip.src -e ip.dst -e http.host > httphostim.txt
0
Comment
Question by:Sid_F
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 
LVL 70

Accepted Solution

by:
Qlemo earned 500 total points
ID: 40560647
The message says it all, either you add -2 to get a two-pass scan, or replace -R by -Y. For your purpose the letter should work fine.
Two-pass scans are required for resent and sequence analysis asf.
0
 
LVL 6

Author Comment

by:Sid_F
ID: 40592251
Thanks sorry for the delay in replying
0

Featured Post

Free Tool: IP Lookup

Get more info about an IP address or domain name, such as organization, abuse contacts and geolocation.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

PRTG Network Monitor lets you monitor your bandwidth usage, so you know who is using up your bandwidth, and what they're using it for.
David Varnum recently wrote up his impressions of PRTG, based on a presentation by my colleague Christian at Tech Field Day at VMworld in Barcelona. Thanks David, for your detailed and honest evaluation!
Here's a very brief overview of the methods PRTG Network Monitor (https://www.paessler.com/prtg) offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…
Michael from AdRem Software outlines event notifications and Automatic Corrective Actions in network monitoring. Automatic Corrective Actions are scripts, which can automatically run upon discovery of a certain undesirable condition in your network.…

688 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question