tshark_capture
Start a remote packet capture with tshark. Retrieve captured packets in JSON format by specifying interface, count, filter, and timeout.
Instructions
Start packet capture on the remote Kali machine. Returns captured packets in JSON format. Requires sudo on the remote host.
Input Schema
| Name | Required | Description | Default |
|---|---|---|---|
| count | No | Number of packets to capture (max: 1000) | 10 |
| filter | No | Capture filter (BPF syntax, e.g., 'port 80', 'host 192.168.1.1') | |
| timeout | No | Capture timeout in seconds (max: 60) | 10 |
| interface | Yes | Network interface to capture on (e.g., eth0, wlan0) | |
| outputFile | No | Optional: Save capture to pcap file on remote host | |
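
Because the capture runs under sudo on the remote host, the caller-supplied `interface` and `filter` strings should be validated before they reach the command line. The following is an added example, not this tool's own code: it enforces the schema's limits and builds the tshark argument vector. The function names, the allow-list patterns, the use of `sudo -n`, and delivery through a remote shell are assumptions; `outputFile` is left out.

```python
import re
import shlex

# Limits and defaults taken from the Input Schema table.
COUNT_DEFAULT, COUNT_MAX = 10, 1000
TIMEOUT_DEFAULT, TIMEOUT_MAX = 10, 60
# Assumption: interface names are short and never start with '-'.
IFACE_RE = re.compile(r"[A-Za-z0-9][A-Za-z0-9_.:-]{0,14}")
# Assumption: conservative allow-list for BPF text, no shell metacharacters.
FILTER_RE = re.compile(r"[A-Za-z0-9 .:/()\[\]<>=!&|*+-]{1,256}")


def _bounded(name, value, default, maximum):
    """Return value (or default) after checking it is an int in 1..maximum."""
    if value is None:
        return default
    if isinstance(value, bool) or not isinstance(value, int):
        raise ValueError(f"{name} must be an integer")
    if not 1 <= value <= maximum:
        raise ValueError(f"{name} must be between 1 and {maximum}")
    return value


def build_tshark_argv(interface, count=None, bpf_filter=None, timeout=None):
    """Hypothetical helper: validate schema inputs, return an argv list."""
    if not isinstance(interface, str) or not IFACE_RE.fullmatch(interface):
        raise ValueError("interface contains characters outside the allow-list")
    count = _bounded("count", count, COUNT_DEFAULT, COUNT_MAX)
    timeout = _bounded("timeout", timeout, TIMEOUT_DEFAULT, TIMEOUT_MAX)
    # -c packet count, -a duration:N autostop, -T json output format.
    argv = ["sudo", "-n", "tshark", "-i", interface, "-c", str(count),
            "-a", f"duration:{timeout}", "-T", "json"]
    if bpf_filter is not None:
        if not isinstance(bpf_filter, str) or not FILTER_RE.fullmatch(bpf_filter):
            raise ValueError("filter contains characters outside the allow-list")
        argv += ["-f", bpf_filter]  # the whole filter stays one argument
    return argv


def remote_command(argv):
    """Quote each argument for a POSIX shell on the remote host."""
    return shlex.join(argv)


if __name__ == "__main__":
    # Constructed sample input using the schema's own example values.
    print(remote_command(build_tshark_argv("eth0", 25, "host 192.168.1.1", 30)))
```

Passing the list to a process API that takes an argument vector avoids the shell entirely; `remote_command` is only needed when the transport accepts a single command string.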