This is our old Q&A Site. Please post any new questions and answers at ask.wireshark.org.

As I mentioned in title I want to filter tshark's dests,tree statistics output to show only encrypted(ssl) traffic.

I tried tshark -a duration:30 -Y "ssl" -z dests,tree > output.txt but that doesn't work as I expected. But from wireshark(gui) Statistics > IP Destinations filter:ssl works just fine.

alt text

Are there any ways to do this with tshark or should I consider other tools?

Background: I'm writing a java application to automatically fetch scheduled tshark command output to show traffic bandwidth and incoming packets by ports per IP. I am absolutely not an expert in this job. If I'm looking for something wrong to do my job you should feel free to offer me better ways.

asked 14 Jul '15, 00:54

xmikro's gravatar image

xmikro
11225
accept rate: 0%

edited 14 Jul '15, 01:06

It seems to work for me (tshark v1.99.8rc0-411-g89b375f), what is exactly not functioning? Can you see the normal dissection in the tshark output?

(15 Jul '15, 13:11) Lekensteyn
Be the first one to answer this question!
toggle preview

Follow this question

By Email:

Once you sign in you will be able to subscribe for any updates here

By RSS:

Answers

Answers and Comments

Markdown Basics

  • *italic* or _italic_
  • **bold** or __bold__
  • link:[text](http://url.com/ "title")
  • image?![alt text](/path/img.jpg "title")
  • numbered list: 1. Foo 2. Bar
  • to add a line break simply add two spaces to where you would like the new line to be.
  • basic HTML tags are also supported

Question tags:

×832
×349
×319
×86
×17

question asked: 14 Jul '15, 00:54

question was seen: 1,846 times

last updated: 15 Jul '15, 13:11

p​o​w​e​r​e​d by O​S​Q​A