Is there such thing as decoding a wireshark pcap file. Is decoding a pcap file the same as transforming a wireshark pcap file to a windows txt file? asked 17 Apr '12, 22:21  misteryuku |
3 Answers:
No. See my answer to your other very similar question here answered 17 Apr '12, 23:54  grahamb ♦ |
That depends on what you mean by "decoding". It's "decoding" in the sense that it makes a human-readable file. It may or may not be a good format for a program - such as, oh, let's pick a hypothetical example, Splunk - to read; that would depend on the program. If you want to know whether it would be something that Splunk could usefully process, you might try asking on the Splunk Q&A site rather than asking here on the Wireshark Q&A site. answered 18 Apr '12, 11:29  Guy Harris ♦♦ |
And if you mean decrypting, as in SSL or TLS encrypted traffic for HTTPS or some other protocol, then ask that question too. answered 18 Apr '12, 16:06  inetdog |
