I would like to get logs out of pcap files (the pcap file is converted to a Windows .txt file using the tshark command tshark -V -r {file}) so that I can display these packet capture logs in Splunk. What is the most common, standard, correct way of getting logs out of the pcap files that are converted to a Windows 7 .txt file, especially when I am going to show the logs in Splunk?
asked 18 Apr '12, 01:42 misteryuku edited 18 Apr '12, 01:44
2 Answers:
As per the answers by Guy Harris to your very similar question here, this is really a question for the Splunk folks, not Wireshark.
answered 18 Apr '12, 01:59 grahamb ♦
The standard way to get log files is, as you already said in your question, to use TShark in the fashion you describe:
as a Windows command.
answered 18 Apr '12, 11:11 Guy Harris ♦♦
You've now asked 14 questions and have not accepted any of the answers to any of them. You do realise that folks are attempting to help you out on their own time here? Please recognise any answers that have helped by clicking the check mark icon on the answer to "accept" them.
Yes sir, I understand. I'm very sorry about it.
No problem, but it motivates folks to answer your questions, and helps others who may have the same question to see an "accepted" answer.