Wireshark-users: Re: [Wireshark-users] tethereal Display filter problems.

From: sebb <sebbaz+ws@xxxxxxxxx>
Date: Mon, 22 Jan 2007 19:10:25 +0000
On 22/01/07, Shane Milburn <shane.milburn@xxxxxxxxxxxx> wrote:





I've got around 100 captures that I need to process and extract some http & XML data from into a text file. I'm having problems getting the command-line syntax to work. Can someone take a look at my syntax and let me know what I'm doing wrong?

 $ tethereal -r soaplogs_00001_2007011808084032.cap -R "(http.host eq "myhost.mydomain.com") || (xml.tag == "<rejectlogin xsi:type=\"xsd:int\">") -T text -V > soap-xml-log.txt

Looks like there are some mismatched quotes above.

When I open the file in Windows and apply the display filter
(http.host eq "myhost.mydomain.com") || (xml.tag == "<rejectlogin
xsi:type=\"xsd:int\">") to the open capture it works just fine. But
when I try to do this from my linux box on a command line so that I
can batch process the 100 captures I can't seem to make it work.




Any help on what I'm doing wrong for this display filter?

thanks,
-shane
--
Shane B. Milburn, Sr. Network/Systems Engineer, iovation Inc.
[Manager of Computer Thingamabobs]
Office: +1 503-943-6739 | Mobile: +1 503-413-9281 | Fax: +1 503-224-1581

The information contained in this email message may be privileged, confidential and protected from disclosure. If you are not the intended recipient, any dissemination, distribution or copying is strictly prohibited. If you think that you have received this email message in error, please notify the sender by reply email and delete the message and any attachments.
_______________________________________________
Wireshark-users mailing list
Wireshark-users@xxxxxxxxxxxxx
http://www.wireshark.org/mailman/listinfo/wireshark-users