Wireshark · Wireshark-users: Re: [Wireshark-users] doubts about wireshark

["Rob MacKenzie" <rmackenzie@xxxxxxx>]

You would like to save the sorted data to a file?  You can organize the packets and filter them how you’d like, and only save or export that subset if you’d like.

 

As for exporting, the most power is available with Tshark, the command line equivalent.  You can specify more options there.

 

http://www.wireshark.org/docs/man-pages/tshark.html

 

As for only exporting the first 20 bytes, I don’t think that is possible without running through another app or something.

Rob MacKenzie
Test Software Developer

---

From: wireshark-users-bounces@xxxxxxxxxxxxx [mailto:wireshark-users-bounces@xxxxxxxxxxxxx] On Behalf Of Joao Puga
Sent: April 1, 2008 9:07 PM
To: wireshark-users@xxxxxxxxxxxxx
Subject: [Wireshark-users] doubts about wireshark

 

Hello,

 

I’m working with wireshark and I have 2 questions:

 

1 – I’m sending some information via USB to a pcap file to analyze it using wireshark. I would like to know if it’s possible to sort information by time or by source and then save it into a file. In wireshark I can sort as I want but I can’t save changes into file…

 

2 – It’s possible to define fields to export to a CSV file? I would like to export timestamps and first 20 bytes of data.

 

Thanks in advance,

Joao

---------------------------------------------------------------------
This transmission (including any attachments) may contain confidential information, privileged material (including material protected by the solicitor-client or other applicable privileges), or constitute non-public information. Any use of this information by anyone other than the intended recipient is prohibited. If you have received this transmission in error, please immediately reply to the sender and delete this information from your system. Use, dissemination, distribution, or reproduction of this transmission by unintended recipients is not authorized and may be unlawful.