On 10/15/2009 06:32 PM, Stephen Fisher wrote: > On Oct 15, 2009, at 12:30 PM, Jeff Morriss wrote: > >> In that case you should probably use 'tshark' and you could (I suppose >> this would work on Windows) do something like: >> >> tshark -V -r /some/cap/file | the_other_analyzer >> >> though I doubt that the commercial tool will really understand this >> output... > > ... and the text is subject to change occasionally
There's also Packet Details Markup Language (PDML) output, selected via tshark's -T option. Since it's an XML-based format it may be easier to parse. If the commercial tool does not understand the output then the original poster could write a simple application to translate PDML to something that the commercial tool understands. The -T option has other options that may be useful, so it is probably something worth looking into. Cheers, Eloy Paris.- netexpect.org ___________________________________________________________________________ Sent via: Wireshark-dev mailing list <[email protected]> Archives: http://www.wireshark.org/lists/wireshark-dev Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev mailto:[email protected]?subject=unsubscribe
