Hi Team,
i have sniffer inserted to a COM Port suppose COM22. How can i specify this configuration in Wireshark or via cmd in tshark, to get the live zigbee packets which sniffer on COM22 is fetching. Also, I need to specify the channel number as well. Please suggest.
Thanks & Regards, Neha Malhotra
The link provided by @Chuckc provides some general information and further links.
Basically, Wireshark and Tshark expect the data to be presented as a stream/fifo/file in the right format.
Depending on your sniffer, you need to use the right "driver"/"extcap" to read your key and to convert it to this format.
Some "extcap" implementations have options that allow Wireshark to know what parameters the user can provide so that wireshark can propose them in its configuration popup for the extcap connector. In this case you can - with the right configuration - just click on the extcap listing in Wireshark which will launch the extcap tool and provide the fifo to which it should be writing.
Most extcap tools have a readme that will explain how to use it (which file to copy to the extcap directory, etc).
Comments
https://ask.wireshark.org/question/12...
Have you looked at https://wiki.wireshark.org/IEEE_802.15.4 ?