![]() You can select the features from this tshark link, based on the protocol.Įxample: Extract IP address (source and destination), Protocol, MAC address (source and destination) from a PCAP file and output a CSV file. The list of the fields/features can be long to be mentioned here. ![]() ![]() E header= y: if you want to have the name of features in the output CSV files. The above code will read a pcap file, extract the features (fields) and output a CSV file. Tshark can do that using the following instruction: tshark -r (path of pcap file) -E separator=, -E header=y -T fields -e field1 -e field2. ![]()
0 Comments
Leave a Reply. |