Wireshark

  • Riverbed Technology
  • WinPcap
the world's foremost network protocol analyzer
  • Wireshark
    • About
    • Download
    • Blog
  • Get Help
    • Ask a Question
    • FAQs
    • Documentation
    • Mailing Lists
    • Online Tools
    • Wiki
    • Bug Tracker
  • Develop
    • Get Involved
    • Developer's Guide
    • Browse the Code
    • Latest Builds

Wireshark-users: [Wireshark-users] Filtering / Exporting Fields of a Protocol

Date Index Thread Index Other Months All Mailing Lists
Date Prev Date Next Thread Prev Thread Next


From: "Barry Constantine" <Barry.Constantine@xxxxxxxx>
Date: Fri, 2 May 2008 13:19:00 -0700

Hello All,

 

I am pretty familiar with the various ways to display filter packets based upon the fields within the packets (i.e. tcp.rst, ip.addr, etc..).

 

I also have used command tshark to perform this filtering as well as iostat type output.

 

The question I have: is there a way to only extract the fields within the packet and export to text file?

 

Right now, I do basic packet filtering at the command line tshark and output to plain text file.  Then I wrote a simple perl script to further filter out the fields of interest.

 

I just wanted to make sure I did not miss an easier way to do this in Wireshark.

 

I thought of iostat, but I am not interested in various statistics over time intervals; I just need the raw data from certain fields so that we can manipulate in a spreadsheet.

 

Thanks,

Barry

 

 

  • Follow-Ups:
    • Re: [Wireshark-users] Filtering / Exporting Fields of a Protocol
      • From: Sake Blok
  • Prev by Date: Re: [Wireshark-users] protocol adjustment
  • Next by Date: [Wireshark-users] Capture hardware
  • Previous by thread: Re: [Wireshark-users] Editing Wireshark File
  • Next by thread: Re: [Wireshark-users] Filtering / Exporting Fields of a Protocol
  • Index(es):
    • Date
    • Thread

Wireshark and the "fin" logo are registered trademarks of the Wireshark Foundation