VMware Cloud Community
lukeglazebrook
Enthusiast
Enthusiast
‎12-18-2014 07:35 AM

Any idea how I can get tcpdump-uw to capture more than the last 60 seconds worth of data?

Any idea how I can get tcpdump-uw to capture more than the last 60 seconds worth of data?  Trying to troubleshoot a Newflow issue the people administrating the Netflow collector say they only get a brief burst of data if I make a config change and that's it.  I am hoping to see traffic leaving the host to the collector for a sustained period.

0 Kudos
1 Reply
bspagna89
Hot Shot
Hot Shot
‎12-19-2014 10:53 PM

Hmm,

Let's try this. What if you SSH into your host using PuTTY and configure PuTTY to log its results -> Session -> Logging set a path. Then, we can try using the -C switch and set it for a large amount so that you are able to get more than 60 seconds. There is also a Seconds Switch but that wasnt really do much for me.. I set it to 5 and it clearly went past 5. That switch is -G 5 (replace 5 with any number..)

See if this gets your more than 60 seconds.

tcpdump-uw -c 100000000000000000000000000

New blog - https://virtualizeme.org/
0 Kudos