Wireshark-dev: Re: [Wireshark-dev] API to adjust view in Wireshark

From: John Thacker <johnthacker@xxxxxxxxx>
Date: Fri, 19 Apr 2024 11:21:21 -0400
On Fri, Apr 19, 2024 at 10:33 AM Jeff Klingler <jklingler@xxxxxxxxx> wrote:
> Hi,
>
> I am building a log viewer where if a user clicks on a log event it can show the related PCAP related to that timeframe. Is there an API where I can send a time and date to a Wireshark API and have the viewer jump to the nearest time period?

The short answer is not one quick API call in the way that you'd like, largely because it's not guaranteed that the frames in capture files are in chronological order, which rules out algorithms that would make a search take faster than linear time, but also because no one has implemented it.

A slightly longer answer is that there are ways. You can call cap_file_provider_get_frame_ts() from cfile.h searching through the frames and compare those times to your desired time. If you can assume that the file is in strict time order, you can make that faster with binary search or similar. (It might be helpful to have a flag in the capture_file struct similar to what capinfos stores for strict time order.) Once you get the frame number, there are API calls to go to a particular frame number.

John Thacker
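
The search described in the reply above, as an added example that is not part of the original message or of Wireshark's code: it checks whether the timestamps are in time order, then finds the frame nearest a target time by binary search if they are and by linear scan if not. The `ts_t` type is a hypothetical stand-in for Wireshark's `nstime_t`, the timestamps are assumed to have been collected into an array already (in Wireshark they would be read per frame with `cap_file_provider_get_frame_ts()`), and the sample arrays are constructed.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>

/* Hypothetical stand-in for nstime_t: seconds plus nanoseconds. */
typedef struct { int64_t secs; int32_t nsecs; } ts_t;

/* Constructed sample timestamps; array index 0 is frame number 1. */
const ts_t sample_sorted[] = {{100, 0}, {100, 500000000}, {102, 0}, {105, 0}};
const ts_t sample_unsorted[] = {{100, 0}, {105, 0}, {101, 0}, {103, 0}};

static int ts_cmp(const ts_t *a, const ts_t *b) {
    if (a->secs != b->secs) return a->secs < b->secs ? -1 : 1;
    if (a->nsecs != b->nsecs) return a->nsecs < b->nsecs ? -1 : 1;
    return 0;
}

/* Absolute distance in nanoseconds (assumes the span fits in int64_t). */
static int64_t ts_dist(const ts_t *a, const ts_t *b) {
    int64_t d = (a->secs - b->secs) * INT64_C(1000000000) + (a->nsecs - b->nsecs);
    return d < 0 ? -d : d;
}

/* One linear pass: true if no timestamp is earlier than the one before it. */
bool frames_in_time_order(const ts_t *ts, size_t n) {
    for (size_t i = 1; i < n; i++)
        if (ts_cmp(&ts[i - 1], &ts[i]) > 0) return false;
    return true;
}

/* Returns the 1-based frame number nearest to target, or 0 for an empty file. */
uint32_t nearest_frame(const ts_t *ts, size_t n, const ts_t *target, bool ordered) {
    if (n == 0) return 0;
    if (!ordered) {                       /* out-of-order capture: O(n) scan */
        size_t best = 0;
        for (size_t i = 1; i < n; i++)
            if (ts_dist(&ts[i], target) < ts_dist(&ts[best], target)) best = i;
        return (uint32_t)(best + 1);
    }
    size_t lo = 0, hi = n;                /* lower bound: first ts >= target */
    while (lo < hi) {
        size_t mid = lo + (hi - lo) / 2;
        if (ts_cmp(&ts[mid], target) < 0) lo = mid + 1; else hi = mid;
    }
    if (lo == n) return (uint32_t)n;      /* target is after the last frame */
    if (lo > 0 && ts_dist(&ts[lo - 1], target) <= ts_dist(&ts[lo], target))
        return (uint32_t)lo;              /* earlier neighbour is closer or tied */
    return (uint32_t)(lo + 1);
}
```

Calling `nearest_frame()` with `ordered` set to true on a file that is not in time order can return the wrong frame, so the result of `frames_in_time_order()` should be computed once per capture file and passed in.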