Wireshark · Wireshark-dev: [Wireshark-dev] Using regular expression match as custom column

Wireshark-dev: [Wireshark-dev] Using regular expression match as custom column

Date: Mon, 12 Dec 2011 13:17:19 -0500

Hello,

With Wireshark, I can't seem to be able to do either of these:
1. Export to file the exact contents of the columns that are displayed and nothing more
2. Create a custom column that contains the results of a matched regular _expression_, e.g.:

tcp.data starts with "HEAD /reports/packages/rg.wsh?notification_who=noc@xxxxxxx&notification_cc="

Regular _expression_ of interest in this case: "notification_who=([^&]+)&"
This would display the following data: noc@xxxxxxx

I actually have other information to display, but the mechanism I'm asking about would be very powerful, and I have seen nothing about it or anything similar in your wiki.

Sincerely,
William

Follow-Ups:
- Re: [Wireshark-dev] Using regular expression match as custom column
  - From: Chris Maynard

Prev by Date: Re: [Wireshark-dev] Console Window option moved?
Next by Date: Re: [Wireshark-dev] for error on verify tools installed for Wireshark development
Previous by thread: Re: [Wireshark-dev] Console Window option moved?
Next by thread: Re: [Wireshark-dev] Using regular expression match as custom column
Index(es):
- Date
- Thread