All, Has anyone written anything to pull information from the nodes in the data tree that are created when a protocol is recognized? I would like to pull the information rather than creating a program to take the piped input and output only the fields I really need.
Guy, I didn't mean to ruffle your feathers. You seem to be the most knowledgeable of the tool and have been answering everyone's questions. that is why I addressed you in the email. Robert Casto InsightETE Corporation Tel (513) 755-2221 Cell (513) 349-5282 [EMAIL PROTECTED] http://www.insightete.com -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Guy Harris Sent: Thursday, January 16, 2003 3:45 PM To: Robert Casto Cc: [EMAIL PROTECTED] Subject: Re: [Ethereal-users] Question about extracting Tethereal data On Thu, Jan 16, 2003 at 03:25:30PM -0500, Robert Casto wrote: > Guy, You are asking ethereal-users, which is the right thing to do, not just asking me, as that would be the wrong thing to do. (It is almost *always* the wrong thing to do to ask only me questions about Ethereal, Tethereal, tcpdump, libpcap, and the like, as that assumes that I will be able to answer the question better than anybody else, which is often an incorrect presumption - I might not be able to answer it at all, or somebody else might have a better answer.) > I was wondering if there was a different way I could get processed data > from Tethereal? > > What I want to do is log all the HTTP requests and write out different > pieces of information. The options print a one line synopsis or a full > blown breakdown of the protocol. > > What I want to do is pull info from the processed info, and then output > pieces like the IP source and destination addresses and the HTTP header. > This way I can do logging of web servers without the servers having to > do it themselves which slows them down. There is no other form of output available from Tethereal, as nobody's written any code to do that. You'd have to write a script to parse the one-line summary or full-blown breakdown, or modify the Tethereal code. _______________________________________________ Ethereal-users mailing list [EMAIL PROTECTED] http://www.ethereal.com/mailman/listinfo/ethereal-users
