Wireshark · Wireshark-dev: Re: [Wireshark-dev] Extracting expert info using tshark

Wireshark-dev: Re: [Wireshark-dev] Extracting expert info using tshark

From: Martin Mathieson <martin.r.mathieson@xxxxxxxxxxxxxx>

Date: Thu, 15 Sep 2011 00:15:43 +0100

On Wed, Sep 14, 2011 at 11:17 AM, Martin Mathieson <martin.r.mathieson@xxxxxxxxxxxxxx> wrote:

Hi,

I'd like to be able to extract the information that Wireshark shows in the 'Expert Info Composite' window using tshark, i.e. list each category (error, warning, note, chat) as a separate section - not sure if I'd want to sort them within the section or just leave it chronological...

It doesn't look like it would be straightforward to script this... would adding an option such as -z expert_info,stat be the best way to implement this?

Thanks,
Martin

I did implement this as a tap and will submit it tomorrow if I have time.
Martin

References:
- [Wireshark-dev] Extracting expert info using tshark
  - From: Martin Mathieson

Prev by Date: [Wireshark-dev] Ready to remove all non-ui-manager code?
Next by Date: Re: [Wireshark-dev] For TShark, provide a way to control the output format. E.g., 'tshark -e "ip udp tcp.port"' would expand the IP and UDP sections and display the TCP port information.
Previous by thread: [Wireshark-dev] Extracting expert info using tshark
Next by thread: Re: [Wireshark-dev] WAPI decode and decryption
Index(es):
- Date
- Thread