Huge thanks to our Platinum Members Endace and LiveAction,
and our Silver Member Veeam, for supporting the Wireshark Foundation and project.

Wireshark-users: Re: [Wireshark-users] Betr: Re: wireshark extract specific field

From: "paritosh kulkarni" <paritosh26@xxxxxxxxx>
Date: Thu, 21 Aug 2008 15:50:06 +0100
Hi Joan,

This is the command i tried even on ubuntu linux

 tshark -o column.format: ""No.", "Time", "%t", "Source", "%s", "Destination", "%d", "Protocol", "%p", ""srcport", "%uS", "dstport", "%uD", "Len", "%L", "tcp.flags.ack", "%Cust:tcp.flags.ack", "tcp.flags.syn", "%Cust:tcp.flags.syn"" -r scam13.cap | head > scam.csv
tshark: Invalid -o flag "column.format:"
 and without
 tshark -o column.format: ""No.", "Time", "%t", "Source", "%s", "Destination", "%d", "Protocol", "%p", ""srcport", "%uS", "dstport", "%uD", "Len", "%L", "tcp.flags.ack", "%Cust:tcp.flags.ack", "tcp.flags.syn", "%Cust:tcp.flags.syn"" -r scam13 | head
tshark: Invalid -o flag "column.format:"

and without head

 tshark -o column.format: ""No.", "Time", "%t", "Source", "%s", "Destination", "%d", "Protocol", "%p", ""srcport", "%uS", "dstport", "%uD", "Len", "%L", "tcp.flags.ack", "%Cust:tcp.flags.ack", "tcp.flags.syn", "%Cust:tcp.flags.syn"" -r scam13 |tshark: Invalid -o flag "column.format:"
be the error???

what must
On Thu, Aug 21, 2008 at 3:20 PM, paritosh kulkarni <paritosh26@xxxxxxxxx> wrote:
Hi Joan,
 
I typed the command and tried on different machines too but alias it gives me same error on both machines.
I will try to install cygwin tools on my windows machine and see if it works.
ne ways thanks for your help.
 
Cheers
Pari

 
On 8/21/08, j.snelders@xxxxxxxxxx <j.snelders@xxxxxxxxxx> wrote:
Hi Pari

Unfortunately I cannot reproduce your error.
I've tried different versions (tshark 1.0.0 and 1.0.2 on different machines
with/without CYGWIN).

Did you copy & paste the command?
The last thing I can think of is to type the command...

Grtz
Joan

>-- Oorspronkelijk bericht --
>Date: Wed, 20 Aug 2008 21:22:39 +0100
>From: "paritosh kulkarni" <paritosh26@xxxxxxxxx>
>To: "Community support list for Wireshark" <wireshark-users@xxxxxxxxxxxxx>
>Subject: Re: [Wireshark-users] wireshark extract specific field
>Reply-To: Community support list for Wireshark <wireshark-users@xxxxxxxxxxxxx>
>
>
>Hi Joan,
>
>I tried skipping head and wrirting only -r test.pcap command
>it gives me an error as
>
>Invalid -o flag "column.format"...why is it so?
>
>pari





_______________________________________________
Wireshark-users mailing list
Wireshark-users@xxxxxxxxxxxxx
https://wireshark.org/mailman/listinfo/wireshark-users