Huge thanks to our Platinum Members Endace and LiveAction,
and our Silver Member Veeam, for supporting the Wireshark Foundation and project.
Wireshark logo

Wireshark-users: Re: [Wireshark-users] is there an Export Protocol Hierarchy capability?

Date Prev · Date Next · Thread Prev · Thread Next
Date Index · Thread Index · Other Months · All Mailing Lists
From: Martin Visser <martinvisser99@xxxxxxxxx>
Date: Tue, 18 Aug 2009 11:41:09 +1000
Almost ....


With tshark (the command-line version installed by default with Wireshark) you can use the  "-z io,phs" to dump the same stats (though without percentages)

Following is sample output from my Windows laptop that might give you an example of what to expect.

Regards, Martin

MartinVisser99@xxxxxxxxx


./tshark.exe  -c 100 -i 5 -R null -z io,phs
Capturing on Broadcom NetXtreme Gigabit Ethernet Driver
0 packets captured

===================================================================
Protocol Hierarchy Statistics
Filter: frame

frame                                    frames:100 bytes:25953
  eth                                    frames:100 bytes:25953
    ip                                   frames:53 bytes:22767
      tcp                                frames:42 bytes:21411
        http                             frames:10 bytes:1620
          xml                            frames:1 bytes:693
        tcp.segments                     frames:2 bytes:1723
          http                           frames:2 bytes:1723
            data-text-lines              frames:1 bytes:1352
            xml                          frames:1 bytes:371
        data                             frames:1 bytes:55
      udp                                frames:9 bytes:1198
        hsrp                             frames:5 bytes:310
        nbdgm                            frames:2 bytes:648
          smb                            frames:2 bytes:648
            mailslot                     frames:2 bytes:648
              smb_netlogon               frames:2 bytes:648
        snmp                             frames:2 bytes:240
      ospf                               frames:1 bytes:98
      pim                                frames:1 bytes:60
    llc                                  frames:35 bytes:2466
      cgmp                               frames:30 bytes:1800
      stp                                frames:4 bytes:240
      cdp                                frames:1 bytes:426
    arp                                  frames:12 bytes:720
===================================================================




On Fri, Aug 14, 2009 at 7:56 AM, ryan haynes <hyanraynes@xxxxxxxxx> wrote:
is there any way to
A) export the statistics from Protocol Hierarchy to a csv file?
B) use a parsing program that would generate the same "% of Total
Packets" statistics as the Protocol Hierarchy window?

My Goal is to establish a day by day baseline of typical traffic
patterns by protocol, without having to manually enter information
from the Protocol Hierarchy window.
___________________________________________________________________________
Sent via:    Wireshark-users mailing list <wireshark-users@xxxxxxxxxxxxx>
Archives:    http://www.wireshark.org/lists/wireshark-users
Unsubscribe: https://wireshark.org/mailman/options/wireshark-users
            mailto:wireshark-users-request@xxxxxxxxxxxxx?subject=unsubscribe

Wireshark logo footer

© Wireshark Foundation · Privacy Policy

Facebook·Mastodon·Twitter·YouTube