On Sun, Oct 30, 2011 at 10:38:41AM -0700, Stuart Kendrick wrote:
> How do I persuade tshark to display what Wireshark calls the 'Info' or
> 'Information' column?
You can temporarily change the preferences for columns to display using
the -o option. To display only the info column, try this (the first is
the title of the column, which tshark doesn't display and the second
value is the code to use [see below]):
tshark -o column.format:"Info","%i"
The syntax is taken from the preferences file (on Unix,
~/.wireshark/preferences and on Windows, check the Folders tab in
Help->About and look for global configuration) and you can find all of
the % codes for columns from epan/column.c in the source code
(http://anonsvn.wireshark.org/viewvc/trunk/epan/column.c?revision=37898&view=markup)