Riverbed Cascade Pilot Personal Edition: Take Wireshark to the Next Level - Advanced Triggers and Alerts; Web and VoIP Analytics; Long-Term Trending and Forensics; Deep Packet Analysis with Wireshark

Wireshark-users: Re: [Wireshark-users] searching for keywords in DATA fields

Date Index Thread Index Other Months All Mailing Lists

Date Prev Date Next Thread Prev Thread Next

From: Abhik Sarkar <sarkar.abhik@xxxxxxxxx>
Date: Wed, 1 Apr 2009 11:45:15 +0400

Just wanted to throw in another method to achieve the same result... I have used display filters similar to this:

- search for text
frame contains "text"

- or search for a byte pattern
frame contains 6d:e1:90:e8

- or using regular expressions
frame matches "user-agent: Mozilla.*Nokia.*"

HTH
Abhik.

On Wed, Mar 25, 2009 at 8:15 PM, Stephen Fisher <steve@xxxxxxxxxxxxxxxxxx> wrote:

On Wed, Mar 25, 2009 at 11:28:40AM -0400, Parkis, Scott wrote:

> How would I search for a file name or keyword in the data fields in
> filtering a capture?

Edit menu - Find Packet then choose by String and put your search
criteria in the box.

Steve

___________________________________________________________________________
Sent via: Wireshark-users mailing list <wireshark-users@xxxxxxxxxxxxx>
Archives: http://www.wireshark.org/lists/wireshark-users
Unsubscribe: https://wireshark.org/mailman/options/wireshark-users
mailto:wireshark-users-request@xxxxxxxxxxxxx?subject=unsubscribe

Next by Date: [Wireshark-users] filtering on Ethernet MAC OUI
Next by thread: [Wireshark-users] filtering on Ethernet MAC OUI
Index(es):
- Date
- Thread