Hi Jehanzeb,
thanks for your fast feedback.
Yes, we tried the export function, but we need a solution without
manual intervention. Wireshark should run permanent 24 hours producing log
files. It would be perfect if the files had only the data we need. For smtp this
would be per email one line with:
timestamp, sender-email, receiver-email, subject, mail-length
(bytes)
Is this possible with wireshark/tshark?
Regards
Frank
Von:
wireshark-users-bounces@xxxxxxxxxxxxx
[mailto:wireshark-users-bounces@xxxxxxxxxxxxx] Im Auftrag von Jehanzeb
Khan
Gesendet: Mittwoch, 26. März 2008 11:28
An: Community support list for Wireshark
Betreff: Re: [Wireshark-users] Using Wireshark to store decoded capture
files
Have you
tried exporting (under file menu) the capture file with packet details
expanded?
----- Original Message ----
From: "Brüggemann, Frank" <f.brueggemann@xxxxxxxxx>
To: wireshark-users@xxxxxxxxxxxxx
Sent: Wednesday, March 26, 2008 3:18:36 PM
Subject: [Wireshark-users] Using Wireshark to store decoded capture files
Hello,
is
there any way to store permanent decoded packets and not the raw data in
capture files?
We
would like to export http and smtp headers in a database for accounting and
need a “human readable” format.
Thanks
Frank
