Huge thanks to our Platinum Members Endace and LiveAction,
and our Silver Member Veeam, for supporting the Wireshark Foundation and project.

Wireshark-users: Re: [Wireshark-users] wireshark extract specific field

From: "paritosh kulkarni" <paritosh26@xxxxxxxxx>
Date: Thu, 28 Aug 2008 20:08:53 +0100
Hi Joan,
This is hte command where i get error
I am using the same version as you Tshark 1.0.2
 
C:\Program Files\Wireshark>tshark -o column.format: ""No.", "%m", "Time", "%t",
"Source", "%s", "Destination", "%d", "srcport", "%uS", "dstport", "%uD", "Protoc
ol", "%p", "Len", "%L", "tcp.flags.ack", "%Cus:tcp.flags.ack", "tcp.flags.syn",
"%Cus:tcp.flags.syn"" -r 23.cap > d:\23.txt
tshark: Invalid -o flag "column.format:"
I found the error..there were no "" on front of custom.format.
But i have one more question how do i have header in this file and change the time format
 
cheers
pari
On Thu, Aug 28, 2008 at 6:56 PM, <j.snelders@xxxxxxxxxx> wrote:
On Tue, 26 Aug 2008 paritosh kulkarni wrote:
>Thanks for the typo mistakes...but still i get this error message.
>I tried it without the flag fileds and it works but when i pit tcp.flags
command it gives me the error.

Hi Pari,

I really don't know, why you get the errors (and I don't).
Does somebody else have any idea?

Can you copy your commands and the errors?
I'll give it another go.

What version are you on?
I'm at TShark 1.0.2 (SVN Rev 25698).

Thnx
Joan




_______________________________________________
Wireshark-users mailing list
Wireshark-users@xxxxxxxxxxxxx
https://wireshark.org/mailman/listinfo/wireshark-users