Wireshark · Wireshark-users: Re: [Wireshark-users] Tshark - displaying all sdp.media

Wireshark-users: Re: [Wireshark-users] Tshark - displaying all sdp.media_attr on win2k system

From: "Boonie" <newsboonie@xxxxxxxxx>

Date: Tue, 9 Nov 2010 19:38:03 +0100


You might be able to use something like: tshark -R "frame contains FOO"
or even: tshark -R "sdp.media_attr && frame contains FOO"

I'll try just that. I don't need the actual contents. I just need the sourceIP. I hope this works.

Remote capture is not an option. I only have remote desktop and SFTP access.And I have some 4000 files of 50MB. This is about one day worth of data. Thenext day, we'll have the same load.


Thanks a lot,

Dave

References:
- [Wireshark-users] Tshark - displaying all sdp.media_attr on win2k system
  - From: Boonie
- Re: [Wireshark-users] Tshark - displaying all sdp.media_attr on win2k system
  - From: Christopher Maynard

Prev by Date: Re: [Wireshark-users] Tshark - displaying all sdp.media_attr on win2k system
Next by Date: Re: [Wireshark-users] Tshark - displaying all sdp.media_attr on win2k system
Previous by thread: Re: [Wireshark-users] Tshark - displaying all sdp.media_attr on win2k system
Next by thread: [Wireshark-users] "No fonts found" error Wireshark on Solaris 8
Index(es):
- Date
- Thread