Wireshark-users: Re: [Wireshark-users] How to extract ONLY the info I want from captured data(Eth

From: Jeff Morriss <jeff.morriss@xxxxxxxxxxx>
Date: Thu, 16 Nov 2006 11:23:38 +0800

Though that does rely on Wireshark/tshark's output not changing. (E.g., if I currently match on FooBar and it changes to FooV2Bar because someone added V3 support, my text processing just broke!)

Jaap Keuter wrote:
Hi,

Sure, output as textfile, postprocess with [perl, awk, your favorite].
String together the strength of small powerful tools, instead of putting
all in one.

Thanx,
Jaap

On Mon, 13 Nov 2006, Sean WANG wrote:

Hi,

I have a captured data file. How do I extract ONLY the info I am
interested for each packet? I want the output file contain only (Source
IP, Destination IP, Source Port, Destination Port, Protocol, Received
Time).

Is there any command of Ethereal that I can use? Or do you have any
other suggestions?
Thx a lot.

Regards,
Sean



_______________________________________________
Wireshark-users mailing list
Wireshark-users@xxxxxxxxxxxxx
http://www.wireshark.org/mailman/listinfo/wireshark-users