Tag: Wireshark

2023-10-17 – Global Exacq Support Training – Troubleshooting Camera Connections

Post author By Bhargav Atturu
Post date October 17, 2023

Tags Level2, Training, Networking, 17751, Cameras, Troubleshooting, VLC, Wireshark

Knowledge Support Support Uncategorized

How to capture the traffic from the terminal via Tshark

Post author By Mena Awed
Post date April 6, 2023

How to capture the traffic from the terminal via Tshark

Discription

The following steps will show you how to capture the traffic data via the terminal using Tshark

Steps

Updating the repositories and installing tshark.

sudo apt update

sudo apt upgrade

sudo apt install tshark

You can check the NIC on your machine via the following command.

sudo tshark -D

To run the tshark via terminal capturing from all NICs and saving the captured data to the PCAP file extension.

sudo tshark -w /tmp/tshark.pcap -i any

You can capture the traffic for a specific host from a specific NIC

sudo tshark -w /tmp/tshark.pcap -i INTERFACE host IPADDRESS

Where INTERFACE is the specific Interface found earlier with tshark -D and IPADDRESS is the IP address of interest

Keep it running for 10 mins “More/Less”, then Press Ctrl-C

You can check the captured file info via the following command line.

sudo ls -lha /tmp/tshark.pcap

You can check the data inside your PCAP file via terminal

sudo tshark -r /tmp/tshark.pcap

Download the file, and then you can check it from your machine via Wireshark

Tags Wireshark, Level2, tshark, Traffic, Data Capture, 14043

Knowledge Support Support exacqVision Server Categories Products exacqVision Integrations

Wireshark Illustra Cameras for Motion Detection

Post author By Bhargav Atturu
Post date June 16, 2022

NOTE: If you are experiencing trouble with motion recording using an Illustra camera on Exacq, please also refer to the following article, HERE.

If you are attempting to confirm that motion detection is being sent from an Illustra camera to the VMS with Wireshark:

1. Be sure you are connecting to the camera via HTTP. Capturing encrypted HTTPS traffic will not provide readable data.

2. Start the capture, trigger the desired motion.

3. The camera data will look similar to this. The example displayed shows the camera at 192.168.0.6 sending TCP packets to the server at 192.168.0.90. Note: Depending on the devices and activity on your network you may have a lot of different sources, destinations and protocol types displayed.

4. In the display filter bar above, enter the following filter string:

tcp contains NotificationMessage and tcp contains Motion

The filter displays only the packets indicating motion detection was included in the data sent to the server. In the above example, three packets were found.

5. Examining the packet closer you can view the XML message sent by the camera.