TShark is a tool that is used to analyze the network issues by capturing the packet traces. These captured packets are saved as .
pcap files and Wireshark reads these packet traces.
To protect the system from overload, TShark captures one packet trace at a time.
Ensure that Wireshark application is installed and configure appropriately before proceeding.
On the main SBC screen, go to Troubleshooting > Troubleshooting Tools > TShark. The Run TShark Trace window is displayed.
The following fields are displayed.
Drop-down list of different platform interfaces available for capturing the packet traces.
|Optional field to enter a TShark filter. For example, to capture the |
|Option to enter the name of the packet trace to be saved.|
Specifies the status of the packet trace.
To Start Trace
For Platform Interface, choose the desired value from the Platform Interface drop-down list.
(Optional) For Filter, enter a valid Tshark filter syntax.
For Save log file as, enter the log file name.
Click Start Trace.
Status is updated to
- Proceed to next section to stop and save the trace file.
To Stop and Save Trace
Click Stop and Save Trace. The status is updated to
Trace saved to a fil
.pcap,where <filename> is the name of the saved log file.
To view the TShark log files, go to Troubleshooting > Call Trace/Logs/Monitors > Log Management. Select T-Shark from the list to view the logs. Refer to Log Management for more information.
T-Shark option is not available under the list until at least one trace is started, stopped and saved.