This is a static archive of our old Q&A Site. Please post any new questions and answers at ask.wireshark.org.

PDML field data

0

Good evening all I'm writing because I'm sure I can have good helps and indication from the community. As first I must apologize because I'm not at all a network expert and not at all a WireShark guy. I'm a data analyst and I'm currently working for a Telco which want to get value of of data packages. They have trouble in get this data because they don't own the network infrastructure (political issue) but they captured some stream that I passed though WireShark. I was able to export PDML but I'm wondering that the most valuable information is in the 'data' field which comes in hexadecimal. Is there a way to apply an additional 'decoding' on this part of the PDML message?

asked 02 Jun '14, 06:01

Sebastiano's gravatar image

Sebastiano
1111
accept rate: 0%

The question is to open ended to answer, if you have TCP or UDP and then <data> you would have to know what protocol runs atop of UDP or TCP and do "decode as" or set the protocol preferenses accordingly.

"Telco which want to get value of of data packages" what type of data packets?

(02 Jun '14, 07:13) Anders ♦