If you use unix or cygwin you should be able to do this easily by
using tethereal and sed.
Put each of the interesting fields on the summary line using one "-z
proto,colinfo,..." line for each of the fields.
Then use sed to massage the output lines to remove everything except
this output and insert a ',' between each of the fields.
On 8/9/05, Sam Critchley <Sam.Critchley@xxxxxxxxxxxxxx> wrote:
>
> Hi,
>
> I have a .enc capture file from an Adtech AX/4000 tester which I've opened
>
> in Ethereal. The capture consists of about 10,000 packets. Each packet
> consists of a great deal of information including Frame, Ethernet headers,
>
> IP and the AX/4000 virtual test block payload added by the tester.
> Ethereal's done a great job of analysing the huge amount of hex in the
> capture file and making it readable.
>
> I would like to extract *only* the following values from each packet, and
> save them to some kind of parse-friendly text or CSV file:
>
> frame.time
> frame.time_delta
> frame.number
> ax4000.timestamp
> ax4000.seq
>
> Each packet should have a line with values above tab-separated.
>
> I then want to run some statistical analysis on these data using a
> spreadsheet.
>
> I've looked at ways to do this in Ethereal, Tethereal and editcap, but I
> can't seem to find a way to do it. Can anyone perhaps help me out with a
> tip here? Is there a clever way to do this?
>
> Many thanks,
>
>
> Sam
>
> --
> Sam Critchley - mailing-list address
> A2B Location-Based Search Engine - http://www.a2b.cc
> - Find websites near a geographical location
> - Search real-time using a GPS device or from a map
> - Register your blog and see your neighbours in blogland
>
> _______________________________________________
> Ethereal-users mailing list
> Ethereal-users@xxxxxxxxxxxx
> http://www.ethereal.com/mailman/listinfo/ethereal-users
>