SteelScript NetShark API Slowness

Tyler Johnson



So I am currently attempting to create a python script leveraging the SteelScript example file download.py. This script is supported to connect to a NetShark appliance, which it does, and then apply several filters and a time range before downloading a pcap. The issue is when applying any filters, such as ip.src, the time it takes to download the pcap increases to a point where the file is never retrieved. To clarify, all I am looking to do is download a pcap from a NetShark given a time range and several filters. Any help would be greatly appreciated.

    Leigh Finch

    Hi Tyler,

    Couple of clarifying questions first:


    1. How much is being written to disk on the NetShark? different models have different write to disk limits.

    2. Are you using a Microflow index on the capture job?

    3. What kind of filters are you applying (BPF, NetShark, Wireshark)?

    4. How large is the capture job?

    5. Are you able to post a screenshot of the capture job details?

    6. How large is the time range you are applying?

    7. Are you able to post any of your code?