This is our old Q&A Site. Please post any new questions and answers at ask.wireshark.org.

I would like to know if a wireshark pcap file when converted to a windows 7 .txt file using the tshark command tshark -V -r {file} is considered a log file?

asked 17 Apr '12, 19:55

misteryuku's gravatar image

misteryuku
20242630
accept rate: 0%

edited 17 Apr '12, 19:56


No. It's a text file containing the dissection of the network data in the pcap file. The dissection may not be complete if the pcap file contains data that tshark doesn't know how to dissect.

permanent link

answered 17 Apr '12, 23:52

grahamb's gravatar image

grahamb ♦
19.8k330206
accept rate: 22%

Considered by whom, or by what, to be a log file? If that's "considered by Splunk", you'd have to ask the Splunk people about that.

permanent link

answered 18 Apr '12, 11:25

Guy%20Harris's gravatar image

Guy Harris ♦♦
17.4k335196
accept rate: 19%

Your answer
toggle preview

Follow this question

By Email:

Once you sign in you will be able to subscribe for any updates here

By RSS:

Answers

Answers and Comments

Markdown Basics

  • *italic* or _italic_
  • **bold** or __bold__
  • link:[text](http://url.com/ "title")
  • image?![alt text](/path/img.jpg "title")
  • numbered list: 1. Foo 2. Bar
  • to add a line break simply add two spaces to where you would like the new line to be.
  • basic HTML tags are also supported

Question tags:

×238
×28
×9

question asked: 17 Apr '12, 19:55

question was seen: 4,112 times

last updated: 18 Apr '12, 11:25

p​o​w​e​r​e​d by O​S​Q​A