kumar

Reputation: 9427

How do I save tcpdump monitoring of a container for later analysis

I am using the command below to monitor a single container. How can I extend this so that I can save the tcpdump capture for later analysis using Wireshark?

docker run -it --rm --net container:<container_name> \
  nicolaka/netshoot tcpdump ...

Upvotes: 1

Views: 1832

Answers (1)

graphite

Reputation: 2960

tcpdump has an option to send raw captured packets to stdout; send it to a file on the host:

# no -t here: a TTY would rewrite bytes in the binary pcap stream
docker run --rm --net container:<container_name> nicolaka/netshoot tcpdump -w - > packets.dump

or to Wireshark directly:

# tcpdump must be named as the command to run inside the netshoot image
docker run --rm --net container:<container_name> nicolaka/netshoot tcpdump -i any -w - | wireshark -k -i -

Upvotes: 3
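
A saved capture can be sanity-checked before it is opened in Wireshark. The added example below (not part of the answer above) walks the classic pcap records that `tcpdump -w` writes and flags truncation or shifted record boundaries, such as the LF to CR LF rewriting that a pseudo-terminal (`docker run -t`) applies to a binary stream; `check_pcap`, `build_sample` and `tty_mangle` are hypothetical names and the sample bytes are constructed.

```python
import struct

# Magic bytes of classic pcap (what tcpdump -w writes) -> struct byte order
PCAP_MAGICS = {
    b"\xd4\xc3\xb2\xa1": "<", b"\xa1\xb2\xc3\xd4": ">",   # microsecond stamps
    b"\x4d\x3c\xb2\xa1": "<", b"\xa1\xb2\x3c\x4d": ">",   # nanosecond stamps
}

def check_pcap(data: bytes):
    """Walk every record; return (packets_read, problem or None)."""
    if len(data) < 24:
        return 0, "shorter than the 24-byte global header"
    endian = PCAP_MAGICS.get(data[:4])
    if endian is None:
        return 0, "bad magic: not a classic pcap stream"
    snaplen = struct.unpack(endian + "I", data[16:20])[0]
    offset, count = 24, 0
    while offset < len(data):
        if offset + 16 > len(data):
            return count, "truncated record header"
        _sec, _frac, incl_len, orig_len = struct.unpack(
            endian + "IIII", data[offset:offset + 16])
        if incl_len > snaplen or incl_len > orig_len:
            return count, f"implausible record length at offset {offset}"
        if offset + 16 + incl_len > len(data):
            return count, "truncated packet data"
        offset += 16 + incl_len
        count += 1
    return count, None

def build_sample() -> bytes:
    """Constructed sample capture: two small records whose payloads contain LF."""
    out = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)
    for i, payload in enumerate([b"GET / HTTP/1.1\r\n\r\n", b"line1\nline2\n"]):
        out += struct.pack("<IIII", 1700000000 + i, 0, len(payload), len(payload))
        out += payload
    return out

def tty_mangle(data: bytes) -> bytes:
    """Model of a pseudo-terminal's output processing: each LF becomes CR LF."""
    return data.replace(b"\n", b"\r\n")

if __name__ == "__main__":
    good = build_sample()
    print(check_pcap(good))              # intact capture
    print(check_pcap(tty_mangle(good)))  # capture written through a TTY
    print(check_pcap(good[:-3]))         # capture cut off mid-packet
```

To check a real file, pass its bytes: `check_pcap(open("packets.dump", "rb").read())`.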
