Wireshark · Wireshark-dev: [Wireshark-dev] Shard Output Format

Wireshark-dev: [Wireshark-dev] Shard Output Format

From: Oliver-Tobias Ripka <otr@xxxxxxxxxx>

Date: Fri, 13 Sep 2019 13:22:14 +0200

Hello List,

I am looking to influence the output format of the sharkd json.

For example tshark -T fields -e tcp.flags.syn, formats the flag as 0 or 1

Sharkd outputs "Set", "Not Set" similar to adding a column in the
Wireshark GUI. I was looking at the function sharkd_dissect_columns in
sharkd.c but couldn't directly find an option to change the formatting.

How can I influece the behaviour of sharkd to not resolve the values
into "Set" and "Not Set"?

All the best,

Oliver
--

Follow-Ups:
- Re: [Wireshark-dev] Shard Output Format
  - From: Dario Lombardo

Prev by Date: [Wireshark-dev] Wireshark 3.0.4 is now available
Next by Date: Re: [Wireshark-dev] Shard Output Format
Previous by thread: [Wireshark-dev] Wireshark 3.0.4 is now available
Next by thread: Re: [Wireshark-dev] Shard Output Format
Index(es):
- Date
- Thread