Wireshark · Wireshark-users: Re: [Wireshark-users] adding time and date while using display filters.

Wireshark-users: Re: [Wireshark-users] adding time and date while using display filters.

From: "j.snelders" <j.snelders@xxxxxxxxxx>

Date: Sat, 6 Mar 2010 20:04:22 +0100

Hi Oguz,

Add -e frame.time:
$ tshark -i 3 -f "(port 80)" -t dd -n -R "http.request" -T fields -e frame.time
 -e ip.src -e ip.dst -e http.host -e http.request.uri
Capturing on Broadcom NetXtreme Gigabit Ethernet Driver (Microsoft's Packet
Scheduler)
Mar  6, 2010 19:58:40.041613000 192.168.1.44     209.85.227.99   www.google.co.uk
       /
Mar  6, 2010 19:58:40.175683000 192.168.1.44     209.85.227.100  clients1.google.co.uk
  /generate_204

Best regards
Joan

On Sat, 6 Mar 2010 20:21:20 +0200 Oguz Yilmaz wrote:
>
>For the command line below, how can I add date and time information to
>the output? What is the display filter for current time and date ?
>
>tshark -i eth0 -f "(port 80)" -t ad -n -R "http.request" -T fields -e
>ip.src -e ip.dst -e http.host -e http.request.uri
>
>Current output is:
>81.81.80.80  91.91.90.90   www.test.com        /index.html
>
>Best Regards,

Follow-Ups:
- Re: [Wireshark-users] adding time and date while using display filters.
  - From: Oguz Yilmaz

References:
- [Wireshark-users] adding time and date while using display filters.
  - From: Oguz Yilmaz

Prev by Date: [Wireshark-users] adding time and date while using display filters.
Next by Date: Re: [Wireshark-users] adding time and date while using display filters.
Previous by thread: [Wireshark-users] adding time and date while using display filters.
Next by thread: Re: [Wireshark-users] adding time and date while using display filters.
Index(es):
- Date
- Thread