Ethereal-users: [Ethereal-users] Extracting specific data from capture

Note: This archive is from the project's previous web site, ethereal.com. This list is no longer active.

Date Index Thread Index Other Months All Mailing Lists
Date Prev Date Next Thread Prev Thread Next
From: "Sam Critchley" <Sam.Critchley@xxxxxxxxxxxxxx>
Date: Tue, 09 Aug 2005 18:59:37 +0200

Hi,
I have a .enc capture file from an Adtech AX/4000 tester which I've opened in Ethereal. The capture consists of about 10,000 packets. Each packet consists of a great deal of information including Frame, Ethernet headers, IP and the AX/4000 virtual test block payload added by the tester. Ethereal's done a great job of analysing the huge amount of hex in the capture file and making it readable.
I would like to extract *only* the following values from each packet, and save them to some kind of parse-friendly text or CSV file: 

frame.time
frame.time_delta
frame.number
ax4000.timestamp
ax4000.seq

Each packet should have a line with values above tab-separated.
I then want to run some statistical analysis on these data using a spreadsheet.
I've looked at ways to do this in Ethereal, Tethereal and editcap, but I can't seem to find a way to do it. Can anyone perhaps help me out with a tip here? Is there a clever way to do this? 

Many thanks,


Sam

--
Sam Critchley - mailing-list address
A2B Location-Based Search Engine - http://www.a2b.cc
- Find websites near a geographical location
- Search real-time using a GPS device or from a map
- Register your blog and see your neighbours in blogland