I would like to know if a wireshark pcap file when converted to a windows 7 .txt file using the tshark command tshark -V -r {file} is considered a log file? asked 17 Apr '12, 19:55  misteryuku edited 17 Apr '12, 19:56 |
2 Answers:
No. It's a text file containing the dissection of the network data in the pcap file. The dissection may not be complete if the pcap file contains data that tshark doesn't know how to dissect. answered 17 Apr '12, 23:52  grahamb ♦ |
Considered by whom, or by what, to be a log file? If that's "considered by Splunk", you'd have to ask the Splunk people about that. answered 18 Apr '12, 11:25  Guy Harris ♦♦ |
