Is it possible to have this header information represent the sequence number or the time?
It's a time, without a date. It's a format used by certain Tektronix protocol analyzers. You shouldn't use it if you don't have to, i e. if you don't have a Tek protocol analyzer, because it's a pretty terrible format. You can't change the header information because then it wouldn't be a K12 file.
https://wiki.wireshark.org/K12 https://gitlab.com/wireshark/wireshar...
What problem are you trying to solve by exporting to that format?
I am importing the txt file into excel where I can parse it and verify that the message is consistent with the Interface control document (ICD). I need to be able to track which packet is being parsed either by sequence number or time.
You probably want one of the options available under "Export Packet Dissections." If you want to track the sequence number or the time, then one way that is compatible with spreadsheets like Excel is to add all the relevant columns you need (such as sequence number, time, and payload), and export as CSV.
then one way that is compatible with spreadsheets like Excel is to add all the relevant columns you need
If somebody hasn't already filed an enhancement-request issue to allow exporting named fields, rather than columns, as a CSV file, so that the "add the relevant columns" field doesn't have to be done in this case, that needs to be done. (This can currently be done with TShark and the -T fields., -e {fieldname}, and -E separator=, options.)
Comments