[Alistair.McGlinchy@xxxxxxxxxxxxxxxxxxxxx]

Sylvian

I have writen a quick perl script hack to convert ethereal's -V output into
CSV file. See attached: 

This works on Windows NT with Perl V5.6 but is probably easily ported to any
other system. It is highly dependant on the syntax of the -V output, so will
probably not work should Ethereal developers tweak the output format. I just
wrote it to do a job I needed done fast on 50+ trace files. It parsed those
trace files fine, but your mileage may vary.

Usage:   tethereal -V -n -r trace.cap | perl eth2csv.pl trace_name
Will output csv text to STDOUT 

Or via the DOS batch file. Usage:  eth2csv.bat trace.trc
Will produce a CSV file called trace.trc.csv

Output of is CSV of 
	TraceName,
	Frame,
	Size,
	Abs_Time,Rel_Time,
	Src_MAC,Dst_MAC,
	NL_Prot,
	Src_IP,Dst_IP,
	ALProt,
	Src_Port,Dst_Port

HTH

Alistair

PS Note none of this code is supported by myself or my employers. 

 <<Eth2CSV.pl>>  <<eth2csv.bat>> 
> ----------------------------------------------------------------------
> Alistair McGlinchy,           alistair.mcglinchy@xxxxxxxxxxxxxxxxxxxxx
> Sizing and Performance, Central IT,   ext. 5012,   ph +44 20 7268-5012
> Marks and Spencer, 3 Longwalk Rd, Stockley Park, Uxbridge UB11 1AW, UK 
> 
> -----Original Message-----
> From:	zze-JEZEQUEL Sylvain stagiaire FTRD/RTA/LAN
> [SMTP:sylvain.jezequel@xxxxxxxxxxxxxxxxxxxx]
> Sent:	Thursday, April 11, 2002 10:21 AM
> To:	'ethereal-users@xxxxxxxxxxxx'
> Subject:	[Ethereal-users] ethereal to csv
> 
> Hi All ! 
> 
> I'm a newbie in using Ethereal ( and english language :-) 
> I hope anyone can help me :-) 
> Is there a way to convert a ethereal sniff like .cap file (or any other
> ethereal file format) to a csv file format (or other file format which can
> be use by a program) ?
> 
> Is it possible to save a ethereal sniff immediatly in a .csv (or other)
> file format, a format which can be use under windows ?
> 
> Thank you 
> 
> sylvain.jezequel@xxxxxxxxxxxxxx 
> sylvain.jezequel@xxxxxxxxxxxxxxxxxxxx 
>  << File: sanitizer.log >> 


-----------------------------------------------------------------------


Registered Office:
Marks & Spencer p.l.c
Michael House, Baker Street,
London, W1U 8EP
Registered No. 214436 in England and Wales.

Telephone (020) 7935 4422 
Facsimile (020) 7487 2670

www.marksandspencer.com

Please note that electronic mail may be monitored.

This e-mail is confidential. If you received it by mistake, please let us know and then delete it from your system; you should not copy, disclose, or distribute its contents to anyone nor act in reliance on this e-mail, as this is prohibited and may be unlawful.

The registered office of Marks and Spencer Financial Services Limited, Marks and Spencer Unit Trust Management Limited, Marks and Spencer Life Assurance Limited and Marks and Spencer Savings and Investments Limited is Kings Meadow, Chester, CH99 9FB.

Attachment: Eth2CSV.pl
Description: Binary data

	-------------------------------------------------------
NOTE:	  The attachment below was deleted because it had a
	  suspicious file name (eth2csv.bat).

	  It is the policy of this list to drop any message
	  attachments that may be executable.  See
	  http://www.ethereal.com/lists/#lists
	  for more details.
	-------------------------------------------------------

This message has been 'sanitized'.  This means that potentially
dangerous content has been rewritten or removed.  The following
log describes which actions were taken.

Sanitizer (start="1018525512"):
  Part (pos="1742"):
    SanitizeFile (filename="unnamed.txt", mimetype="text/plain"):
      Match (rule="2"):
        Enforced policy: accept

  Part (pos="4681"):
    SanitizeFile (filename="Eth2CSV.pl", mimetype="application/octet-stream"):
      Match (rule="default"):
        Enforced policy: accept

  Part (pos="7861"):
    SanitizeFile (filename="eth2csv.bat", mimetype="application/octet-stream"):
      Match (rule="1"):
        Enforced policy: drop

      Replaced mime type with: text/plain
      Replaced file name with: MANGLED_ON_PURPOSE-30590.txt

  Total modifications so far: 1


Anomy 0.0.0 : Sanitizer.pm
$Id: Sanitizer.pm,v 1.32 2001/10/11 19:27:15 bre Exp $