Revision history [back]
You can use tshark to do this. For example:
tshark -r test.pcap -Y 'cbsp or sabp or sbcap' -O cbsp,sabp,sbcap -T json
Options: -r to read the file, -Y for display filter, -O output only listed protocol, -T (optional) select output format.
See documentation at: https://www.wireshark.org/docs/man-pages/tshark.html
You can redirect the output to a file or run tshark as a sub-process in your application and process its output directly.
You can use tshark to do this. For example:
tshark -r test.pcap -Y 'cbsp or sabp or sbcap' -O cbsp,sabp,sbcap -T json
Options: Options -r to read the file, -Y for display filter, -O output only listed protocol, -T (optional) select output format.
See documentation at: https://www.wireshark.org/docs/man-pages/tshark.html
You can redirect the output to a file or run tshark as a sub-process in your application and process its output directly.
You can use tshark to do this. For example:
tshark -r test.pcap 'cbsp or sabp or sbcap' -Y sbcap -O cbsp,sabp,sbcap sbcap -T json
Options -r to read the file, -Y for display filter, filter (cbsp, sabp or sbcap), -O output only listed protocol, -T (optional) select output format.
See documentation at: https://www.wireshark.org/docs/man-pages/tshark.html
You can redirect the output to a file or run tshark as a sub-process in your application and process its output directly.