Ethereal-users: Re: [Ethereal-users] Question about extracting Tethereal data

Note: This archive is from the project's previous web site, ethereal.com. This list is no longer active.

Date Prev · Date Next · Thread Prev · Thread Next
Date Index · Thread Index · Other Months · All Mailing Lists
From: Guy Harris <guy@xxxxxxxxxx>
Date: Thu, 16 Jan 2003 12:44:45 -0800
On Thu, Jan 16, 2003 at 03:25:30PM -0500, Robert Casto wrote:
> Guy,

You are asking ethereal-users, which is the right thing to do, not just
asking me, as that would be the wrong thing to do.  (It is almost
*always* the wrong thing to do to ask only me questions about Ethereal,
Tethereal, tcpdump, libpcap, and the like, as that assumes that I will
be able to answer the question better than anybody else, which is often
an incorrect presumption - I might not be able to answer it at all, or
somebody else might have a better answer.)

> I was wondering if there was a different way I could get processed data
> from Tethereal?
> 
> What I want to do is log all the HTTP requests and write out different
> pieces of information. The options print a one line synopsis or a full
> blown breakdown of the protocol.
> 
> What I want to do is pull info from the processed info, and then output
> pieces like the IP source and destination addresses and the HTTP header.
> This way I can do logging of web servers without the servers having to
> do it themselves which slows them down.

There is no other form of output available from Tethereal, as nobody's
written any code to do that.  You'd have to write a script to parse the
one-line summary or full-blown breakdown, or modify the Tethereal code.