This is our old Q&A Site. Please post any new questions and answers at ask.wireshark.org.

I often need to analyze FIX messages and doing this I could really need a way to be able to create a "calculated field".

e.g. - I have a trace containing FIX stream - I have the OS timestamp when we received the message - I have the FIX time stamp inside the message in SendingTime (Tag52)

To be able to analyze this closer it would be VERY beneficial if it was possible to create a "Calculated Column" and report on that.

It should be able to specify which original columns to use - e.g. Column name FIXDelay = Tag52-OSTime. This would give a quick picture of the delays caused in the FIX stream. Of cause a way to create a graph for this would also be GREAT!

Regards Ib Tornøe

asked 21 Sep '12, 02:31

ITO's gravatar image

ITO
-1222
accept rate: 0%

Interesting idea. I think for now, you would have to use a script to do this offline. You can also checkout commercial analyzers that can decode FIX for you (if you have the right version of FIX as the analyzer). On the right side of this site is the Riverbed/Pilot ad. See if that will be able to help you as it has FIX support.

(21 Sep '12, 14:11) hansangb

Hi hansangb I do have Pilot and that does not have this capability - I have filed a request for new feature. Regarding Wireshark – my idea was to have a common way of adding a column that could contain custom values created out of a formula, where it was possible to do calculations on optional fields in FIX but also in any protocol. Also to be able to use this same formula to draw a graph this would be great. If should send this a new feature request for Wireshark for this feature – where is the right place to do this?

(21 Sep '12, 23:15) ITO

ITO, Scripting is the only way (since FIX views don't support what you need). These types of scripting support is what we (Riverbed) are working on.

(23 Sep '12, 17:17) hansangb

Hi Hansang Bae. I know you are working on this - I have filed the request for this support myself - with this support we can do the same in Pilot as in Corvil. But I would also like to file a request for extension of the functionality natively in Wireshark - where is the preferred place to do that? -Ib Tornøe

(23 Sep '12, 22:29) ITO

The designated place to file feature requests for Wireshark is to file an enhancement request at https://bugs.wireshark.org.

(24 Sep '12, 02:17) SYN-bit ♦♦

That's why there is Lua support in Wireshark :-)

permanent link

answered 21 Sep '12, 03:19

SYN-bit's gravatar image

SYN-bit ♦♦
17.1k957245
accept rate: 20%

Thanks ;-)

(21 Sep '12, 05:19) ITO
Your answer
toggle preview

Follow this question

By Email:

Once you sign in you will be able to subscribe for any updates here

By RSS:

Answers

Answers and Comments

Markdown Basics

  • *italic* or _italic_
  • **bold** or __bold__
  • link:[text](http://url.com/ "title")
  • image?![alt text](/path/img.jpg "title")
  • numbered list: 1. Foo 2. Bar
  • to add a line break simply add two spaces to where you would like the new line to be.
  • basic HTML tags are also supported

Question tags:

×14
×1

question asked: 21 Sep '12, 02:31

question was seen: 2,214 times

last updated: 24 Sep '12, 02:17

p​o​w​e​r​e​d by O​S​Q​A