I've got an HTTP response that returns some JSON, e.g.: I would like to be able to filter on this. For example, include any responses that have key "value1" in them, or all responses where value2 == "cheese". I can't find any way to do this using any of the properties of the "json" dissector. Does anyone have any clues here? Thanks, Daern asked 23 May '14, 03:15  daern |
One Answer:
Currently the JSON dissector doesn't allow matching on member names, only that a json member is present Usually, if you right click a field in the details pane and click Apply|Prepare as a Filter, then Selected, the filter droplist will show you the appropriate filter. In the case of a json member name it shows a packet specific byte match e.g. The json dissector appears to have code commented out that attempts to add a the member name as a filter, not sure what's happening with that though. answered 23 May '14, 04:13  grahamb ♦ edited 23 May '14, 04:25 |
Hi Graham,
Thanks for this. I guess I've stumbled on some work-in-progress ;-)
I might be able to manage this with a packet byte match, which isn't lovely, but at least it might help me.
Thanks,
Daern.
Remember if the data moves around in the packets, i.e. if the json responses are variable, then the packet byte match won't work.
If an answer has solved your issue, please accept the answer for the benefit of other users by clicking the checkmark icon next to the answer. Please read the FAQ for more information.