Hi Ronnie, everyone,
Thanks very much. A command like this one:
tethereal -z proto,colinfo,ax4000.timestamp,ax4000.timestamp -r
capture.enc
Gives me output looking like this:
1711 0.003509 0.0.0.0 -> 0.0.0.0 AX4000 Chss:0 Prt:1 Idx:1
Seq:0x2d9295f2 TS:3764.954910[msec] ax4000.timestamp == 0x1670dd83
1712 0.003512 0.0.0.0 -> 0.0.0.0 AX4000 Chss:0 Prt:1 Idx:1
Seq:0x2d9295f3 TS:3764.956650[msec] ax4000.timestamp == 0x1670de31
1713 0.003513 0.0.0.0 -> 0.0.0.0 AX4000 Chss:0 Prt:1 Idx:1
Seq:0x2d9295f4 TS:3764.958720[msec] ax4000.timestamp == 0x1670df00
I can get the other values in there as well when I play around with the
arguments. That gives me a text file I can run sed on or parse with a
spreadsheet.
Best wishes,
Sam
On Tue, 09 Aug 2005 22:02:01 +0200, ronnie sahlberg
<ronniesahlberg@xxxxxxxxx> wrote:
If you use unix or cygwin you should be able to do this easily by
using tethereal and sed.
Put each of the interesting fields on the summary line using one "-z
proto,colinfo,..." line for each of the fields.
Then use sed to massage the output lines to remove everything except
this output and insert a ',' between each of the fields.
On 8/9/05, Sam Critchley <Sam.Critchley@xxxxxxxxxxxxxx> wrote:
Hi,
I have a .enc capture file from an Adtech AX/4000 tester which I've
opened
in Ethereal. The capture consists of about 10,000 packets. Each packet
consists of a great deal of information including Frame, Ethernet
headers,
IP and the AX/4000 virtual test block payload added by the tester.
Ethereal's done a great job of analysing the huge amount of hex in the
capture file and making it readable.
I would like to extract *only* the following values from each packet,
and
save them to some kind of parse-friendly text or CSV file:
frame.time
frame.time_delta
frame.number
ax4000.timestamp
ax4000.seq
Each packet should have a line with values above tab-separated.
I then want to run some statistical analysis on these data using a
spreadsheet.
I've looked at ways to do this in Ethereal, Tethereal and editcap, but I
can't seem to find a way to do it. Can anyone perhaps help me out with a
tip here? Is there a clever way to do this?
Many thanks,
Sam
--
Sam Critchley - mailing-list address
A2B Location-Based Search Engine - http://www.a2b.cc
- Find websites near a geographical location
- Search real-time using a GPS device or from a map
- Register your blog and see your neighbours in blogland
_______________________________________________
Ethereal-users mailing list
Ethereal-users@xxxxxxxxxxxx
http://www.ethereal.com/mailman/listinfo/ethereal-users
_______________________________________________
Ethereal-users mailing list
Ethereal-users@xxxxxxxxxxxx
http://www.ethereal.com/mailman/listinfo/ethereal-users
--
Sam Critchley - mailing-list address
A2B Location-Based Search Engine - http://www.a2b.cc
- Find websites near a geographical location
- Search using a GPS device or from a map
- Register your blog and see your neighbours in blogland
