Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
639
Views
0
Helpful
1
Replies

Wireshark Setup

winston.lewis
Level 1
Level 1

‎08-20-2010 06:12 AM

Does anyone use wireshark to capture packets, if yes, what are the steps to begin the process? The ports have already been spanned and ready to go.

Please advise....

Labels:
0 Helpful
1 Reply 1

Joe Clarke
Cisco Employee
Cisco Employee

‎08-20-2010 10:12 PM

I use it all the time.  It's very easy to use.  Just plug your wireshark host into the destination SPAN port and go to Capture > Start.  That will start capturing all ports spanned from the source.  If you want to do filtering of these packets as the capture is running, go to Capture > Options and define a capture filter.  For example, to filter on all HTTP traffic, use the filter "tcp port 80".

0 Helpful
Customers Also Viewed These Support Documents