Ethereal-users: RE: [Ethereal-users] Question about extracting Tethereal data

Note: This archive is from the project's previous web site, ethereal.com. This list is no longer active.

From: "Robert Casto" <robert@xxxxxxxxxxxxx>
Date: Thu, 16 Jan 2003 15:46:14 -0500
All,

Has anyone written anything to pull information from the nodes in the
data tree that are created when a protocol is recognized? I would like
to pull the information rather than creating a program to take the piped
input and output only the fields I really need.

Guy, I didn't mean to ruffle your feathers. You seem to be the most
knowledgeable of the tool and have been answering everyone's questions.
That is why I addressed you in the email.


Robert Casto 
InsightETE Corporation
Tel (513) 755-2221 
Cell (513) 349-5282 
robert@xxxxxxxxxxxxxx 
http://www.insightete.com


-----Original Message-----
From: ethereal-users-admin@xxxxxxxxxxxx
[mailto:ethereal-users-admin@xxxxxxxxxxxx] On Behalf Of Guy Harris
Sent: Thursday, January 16, 2003 3:45 PM
To: Robert Casto
Cc: ethereal-users@xxxxxxxxxxxx
Subject: Re: [Ethereal-users] Question about extracting Tethereal data


On Thu, Jan 16, 2003 at 03:25:30PM -0500, Robert Casto wrote:
> Guy,

You are asking ethereal-users, which is the right thing to do, not just
asking me, as that would be the wrong thing to do.  (It is almost
*always* the wrong thing to do to ask only me questions about Ethereal,
Tethereal, tcpdump, libpcap, and the like, as that assumes that I will
be able to answer the question better than anybody else, which is often
an incorrect presumption - I might not be able to answer it at all, or
somebody else might have a better answer.)

> I was wondering if there was a different way I could get processed data
> from Tethereal?
> 
> What I want to do is log all the HTTP requests and write out different
> pieces of information. The options print a one line synopsis or a full
> blown breakdown of the protocol.
> 
> What I want to do is pull info from the processed info, and then output
> pieces like the IP source and destination addresses and the HTTP header.
> This way I can do logging of web servers without the servers having to
> do it themselves which slows them down.

There is no other form of output available from Tethereal, as nobody's
written any code to do that.  You'd have to write a script to parse the
one-line summary or full-blown breakdown, or modify the Tethereal code.
_______________________________________________
Ethereal-users mailing list
Ethereal-users@xxxxxxxxxxxx
http://www.ethereal.com/mailman/listinfo/ethereal-users
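
The script approach suggested in the reply above (parse the full breakdown and keep only the wanted fields), as an added example that is not part of the original thread and is not Ethereal project code. The sample text is constructed, and the "Src Addr"/"Dst Addr" line layout and the literal `\r\n` suffix on HTTP lines are assumptions about the verbose output that may differ between versions; `parse_requests` is a hypothetical name.

```python
import re

# Constructed sample resembling Tethereal's full protocol breakdown.
# Assumption: top-level protocol lines are unindented, fields are indented.
SAMPLE = r"""Frame 1 (431 bytes on wire, 431 bytes captured)
Internet Protocol, Src Addr: 192.0.2.10 (192.0.2.10), Dst Addr: 198.51.100.5 (198.51.100.5)
    Version: 4
Transmission Control Protocol, Src Port: 32768 (32768), Dst Port: http (80), Seq: 1, Ack: 1
Hypertext Transfer Protocol
    GET /index.html HTTP/1.1\r\n
    Host: www.example.com\r\n
    User-Agent: ExampleBrowser/1.0\r\n
    \r\n

Frame 2 (60 bytes on wire, 60 bytes captured)
Internet Protocol, Src Addr: 198.51.100.5 (198.51.100.5), Dst Addr: 192.0.2.10 (192.0.2.10)
Transmission Control Protocol, Src Port: http (80), Dst Port: 32768 (32768), Seq: 1, Ack: 378
"""

IP_RE = re.compile(r"^Internet Protocol, Src Addr: \S+ \(([^)]+)\), Dst Addr: \S+ \(([^)]+)\)")
REQ_RE = re.compile(r"^(?:GET|HEAD|POST|PUT|DELETE|OPTIONS|TRACE|CONNECT) \S+ HTTP/\d\.\d$")

def parse_requests(text):
    """Return one dict per frame that carries an HTTP request line."""
    records, cur, in_http = [], None, False
    for line in text.splitlines():
        if line.startswith("Frame "):            # a new packet begins
            cur, in_http = {"src": None, "dst": None, "request": None, "headers": {}}, False
            records.append(cur)
        elif cur is None:
            continue                             # text before the first frame
        elif not line.startswith(" "):           # top-level protocol line
            in_http = line.startswith("Hypertext Transfer Protocol")
            m = IP_RE.match(line)
            if m:
                cur["src"], cur["dst"] = m.groups()
        elif in_http:                            # indented field under HTTP
            field = line.strip()
            if field.endswith(r"\r\n"):          # literal backslash text, not CRLF
                field = field[:-4]
            if REQ_RE.match(field):
                cur["request"] = field
            elif ": " in field:
                name, value = field.split(": ", 1)
                cur["headers"][name.lower()] = value
    return [r for r in records if r["request"]]  # drop frames without a request

if __name__ == "__main__":
    for r in parse_requests(SAMPLE):
        print(r["src"], "->", r["dst"], r["request"], r["headers"].get("host"))
```

Header values come from the network, so treat them as untrusted when writing them to a log or passing them to other tools.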