Wireshark · Ethereal-users: Re: [Ethereal-users] saving ethereal results as a text file

Ethereal-users: Re: [Ethereal-users] saving ethereal results as a text file

Note: This archive is from the project's previous web site, ethereal.com. This list is no longer active.

From: chedly ghedira <chedly.ghedira@xxxxxxxxx>

Date: Tue, 24 Jan 2006 08:12:20 -0500

thank you,
this is exactly what i want to do

On 1/24/06, Guy Harris <gharris@xxxxxxxxx> wrote:

chedly ghedira wrote:

> i want to analyse ethereal files by writing a script, but i noticed that
> only ethereal can open the file.

Actually, the file format Ethereal captures in, by default, is libpcap
format, which can also be read by Tethereal (not a surprise, as it uses
the same code), tcpdump, and various other programs that can read
libpcap files. Perl has a Net::Pcap package in CPAN that can read
libpcap files; other scripting languages might have libpcap support as well.

However, what you get when you read that file is raw packet data. You
have to parse all the packet data yourself.

> How can i save the result as a file text,

File -> Export -> as Plain Text file.

That'll write out the summary list of packets, or the detailed
dissection of all packets.

There's also

File->Export->as "CSV"
File->Export->XML - "PSML"
File->Export->XML - "PDML"

which might be better formats for a script to process.

_______________________________________________
Ethereal-users mailing list
Ethereal-users@xxxxxxxxxxxx
http://www.ethereal.com/mailman/listinfo/ethereal-users

References:
- [Ethereal-users] saving ethereal results as a text file
  - From: chedly ghedira
- Re: [Ethereal-users] saving ethereal results as a text file
  - From: Guy Harris

Prev by Date: Re: [Ethereal-users] saving ethereal results as a text file
Next by Date: Re: [Ethereal-users] GTP captures
Previous by thread: Re: [Ethereal-users] saving ethereal results as a text file
Next by thread: [Ethereal-users] VOIP Capture API available
Index(es):
- Date
- Thread