This is our old Q&A Site. Please post any new questions and answers at

I am trying to figure out how I can export the SNMP OID values that wireshark picked up. My issue is that when I export the raw data it is all together and not seperated.

All I want to to is get only the actual SNMP values it is sending back. When I open up the packet in wireshark I can see it neatly presented.

Can anyone offer any assistance?

Also could you help me do the same with tshark, the command line for wireshark?

EDIT: As you can see it is sending the values back in hex, this is exactly what I am looking for. I want to export each individual value to a text file.

asked 25 Mar '14, 01:06

Joe%20Page's gravatar image

Joe Page
accept rate: 0%

edited 25 Mar '14, 01:08

In Wireshark you could create a column for the field, export it as CSV and customize it in Excel.

(25 Mar '14, 01:58) Roland

Please try this

tshark.exe -nr input.pcap -Y "snmp" -T fields -e frame.number -e -E header=yes -E separator=;

Hint: If -Y does not work on your system, try -R.

Sample output:


Obviously you can add more fields with -e xxxx (see the display filter reference guide).


permanent link

answered 26 Mar '14, 08:13

Kurt%20Knochner's gravatar image

Kurt Knochner ♦
accept rate: 15%

edited 26 Mar '14, 08:13

Your answer
toggle preview

Follow this question

By Email:

Once you sign in you will be able to subscribe for any updates here



Answers and Comments

Markdown Basics

  • *italic* or _italic_
  • **bold** or __bold__
  • link:[text]( "title")
  • image?![alt text](/path/img.jpg "title")
  • numbered list: 1. Foo 2. Bar
  • to add a line break simply add two spaces to where you would like the new line to be.
  • basic HTML tags are also supported

Question tags:


question asked: 25 Mar '14, 01:06

question was seen: 5,576 times

last updated: 26 Mar '14, 08:13

p​o​w​e​r​e​d by O​S​Q​A