I tried -E option but it is not as flexible as I expect, it only writes exactly the header name which is specified in -e option in top line of the file above each column, for example the following command:
tshark -T fields -e frame.number -E header=y -E quote=d > out
results the following output:
frame.number
"1"
"2"
"3"
...
but what I am looking for is to write what ever I prefer beside the values in each line, for example
Frame Number : 1 Time : 0.0000
Frame Number : 2 Time : 0.0012
..
can any body suggest me a way to get it?
--- On Tue, 11/11/08, Abhik Sarkar <sarkar.abhik@xxxxxxxxx> wrote:
From: Abhik Sarkar
<sarkar.abhik@xxxxxxxxx>
Subject: Re: [Wireshark-users] writing some text to Tshark output file
To: marnameh@xxxxxxxxx
Received: Tuesday, November 11, 2008, 4:46 AM
Not that I am aware of, but perhaps someone else can suggest
something. You might also want to look at the -E option in combination
with your existing command.
On Tue, Nov 11, 2008 at 7:55 AM, Maryam Homayouni <marnameh@xxxxxxxxx>
wrote:
> Hi,
> I used this option to write the value of some parameters, for example the
> following command :
> tshark -T fields -e frame.num > outfile
>
> results the following output
> 1
> 2
> 3
> 4
> ..
> but i want to have the following output:
> FrameNumber : 1
> FrameNumber : 2
> ..
> I mean I want to make tshark to write what I wrote in command line + the
> value of packet's parameters.
> Is there
any way to do that?
>
> Regards,
> M.Homayouni
>
>
> --- On Mon, 11/10/08, Abhik Sarkar <sarkar.abhik@xxxxxxxxx> wrote:
>
> From: Abhik Sarkar <sarkar.abhik@xxxxxxxxx>
> Subject: Re: [Wireshark-users] writing some text to Tshark output file
> To: marnameh@xxxxxxxxx, "Community support list for Wireshark"
> <wireshark-users@xxxxxxxxxxxxx>
> Received: Monday, November 10, 2008, 5:35 AM
>
> Maryam,
> Please check the manpage of tshark (one copy here
> http://linux.die.net/man/1/tshark).
> I think the -T fields options is what you are looking for.
> Regards,
> Abhik
> On Mon, Nov 10, 2008 at 2:19 PM, Maryam Homayouni
<marnameh@xxxxxxxxx>
> wrote:
>> Hi All,
>>
>> I am new to tshark, trying to redirect some parameters of udp packets
to
> an
>> output file, but in
addition to the parameters I want to write the
name of
>> parameters beside them (from command line) for examlple when I get
frame
>> number parameter , I want to have the "Frame Number" phrase
> before its value
>> in the output file.
>> i.e. output file:
>> Frame Mumber: <frame.num value>
>>
>> could any body help me finding a way for that?
>>
>> Regards,
>> M.Homayouni
>> ________________________________
>> Now with a new friend-happy design! Try the new Yahoo! Canada
Messenger
>> _______________________________________________
>> Wireshark-users mailing list
>> Wireshark-users@xxxxxxxxxxxxx
>> https://wireshark.org/mailman/listinfo/wireshark-users
>>
>>
>
> ________________________________
> Looking for the perfect gift? Give the gift of
Flickr!
|