I'm use tshark to read .pcap in linux i want result text to insert \t(tab delimiter of coumn) as same command "tshark -tad - n -r xxxx.pcap" now result text{ 2012-12-05 09:39:20.770766 xxxxxx -> xxxxx LLMNR 86 Standard query A isatap } want result text{ 1 2012-12-05 09:39:20.770766 xxxxxx -> xxxxx LLMNR 86 Standard query A isatap } Is there any way without change command ? plz help me asked 04 Dec '12, 17:17  doomgreen |
One Answer:
If you just want the tabs instead of the spaces, pipe the output of tshark to sed/tr/awk (whatever you prefer) and replace the spaces with a tab. Example for tr:
Regards answered 05 Dec '12, 11:13  Kurt Knochner ♦ edited 05 Dec '12, 12:45 |
