Page 1 of 2
					
				Wireshark on eve-ng pro
				Posted: Wed Jul 13, 2022 4:32 pm
				by kiteboy
				Do anyone no how to stop this opening up a window in eve and running a version that this nested so to speak. 
I want it to work like it did with eve community and fire up Wireshark on my local machine. 
reason being I want to easily be able to save capture and change setting permanently  in Wireshark
			 
			
					
				Re: Wireshark on eve-ng pro
				Posted: Mon Jul 18, 2022 5:54 am
				by Uldis (UD)
				No,
EVE Pro only integrated Wireshark due the security reasons
			 
			
					
				Re: Wireshark on eve-ng pro
				Posted: Fri Sep 23, 2022 9:17 am
				by Soter
				Uldis (UD) wrote: ↑Mon Jul 18, 2022 5:54 am
No,
EVE Pro only integrated Wireshark due the security reasons
 
Hi I also think this feels wrong, not having the desktop wireshark available, as the embedded wireshark takes up too much space, and just feels limmited.
So what security reasons might that be? I mean most users use Eve-ng as a closed testing, or POC enviroment and never in any production. 
Br. Soter
 
			
					
				Re: Wireshark on eve-ng pro
				Posted: Fri Sep 23, 2022 7:28 pm
				by Uldis (UD)
				EVE Pro have only integrated docker wireshark
			 
			
					
				Re: Wireshark on eve-ng pro
				Posted: Wed Oct 12, 2022 11:21 am
				by aldro
				Hello, Colleagues.
I run the wireshark built into eve-ng pro,
then forgetting to stop and close it, I closed the window with the eve-ng WEB interface.
Please tell me where the collected traffic is stored and the Wireshark instance is not closed to clear it from HD?
it seems to me that it took up quite a lot of space
			 
			
					
				Re: Wireshark on eve-ng pro
				Posted: Wed Oct 19, 2022 9:40 pm
				by kiteboy
				#############
			 
			
					
				Re: Wireshark on eve-ng pro
				Posted: Wed Oct 19, 2022 9:41 pm
				by Uldis (UD)
				aldro wrote: ↑Wed Oct 12, 2022 11:21 am
Hello, Colleagues.
I run the wireshark built into eve-ng pro,
then forgetting to stop and close it, I closed the window with the eve-ng WEB interface.
Please tell me where the collected traffic is stored and the Wireshark instance is not closed to clear it from HD?
it seems to me that it took up quite a lot of space
 
Please read the eve pro cookbook sometimes, there is explained how to store wireshark files from eve labs
 
			
					
				Re: Wireshark on eve-ng pro
				Posted: Wed Oct 19, 2022 9:52 pm
				by kiteboy
				I still thing the pro version behaviour here is less prefered than the community version
Now on Pro I canont run wireshark at all 
Appart from this one thing great work though
##############################
SLIM APPLICATION ERROR
The application could not run because of the following error:
DETAILS
Type: ErrorException
Code: 8
Message: Undefined offset: 0
File: /opt/unetlab/html/includes/api_capture.php
Line: 99
TRACE
#0 /opt/unetlab/html/includes/api_capture.php(99): Slim\Slim::handleErrors()
#1 /opt/unetlab/html/api.php(1575): apiCapture()
#2 /opt/unetlab/html/includes/Slim/Route.php(468): {closure}()
#3 /opt/unetlab/html/includes/Slim/Slim.php(1357): Slim\Route->dispatch()
#4 /opt/unetlab/html/includes/Slim/Middleware/Flash.php(85): Slim\Slim->call()
#5 /opt/unetlab/html/includes/Slim/Middleware/MethodOverride.php(92): Slim\Middleware\Flash->call()
#6 /opt/unetlab/html/includes/Slim/Middleware/PrettyExceptions.php(67): Slim\Middleware\MethodOverride->call()
#7 /opt/unetlab/html/includes/Slim/Slim.php(1302): Slim\Middleware\PrettyExceptions->call()
#8 /opt/unetlab/html/api.php(2476): Slim\Slim->run()
#9 {main}
			 
			
					
				Re: Wireshark on eve-ng pro
				Posted: Wed Oct 19, 2022 9:54 pm
				by Uldis (UD)
				YOU HAVE NOT installed EVE Pro dockers at all !!
it is mandatory
apt update
apt install eve-ng-dockers
			 
			
					
				Re: Wireshark on eve-ng pro
				Posted: Mon Feb 06, 2023 9:54 pm
				by kiteboy
				Hi Uldis
Thanks this was working and has stoped  , I will try installing the dockers but ..... 
not supporting external wireshark is a step backwards between community >> professional. 
There are good reasons to want this external,   plugins and disectors for wireshark.
I do not buy the security reasons explaination, this is a product I run in my own lab, there cannot be any "security issues ". 
Regards
Simon