This is a static archive of our old Q&A Site. Please post any new questions and answers at

time of event extraction for waveform generation


Wireshark is capturing our SysLog broadcast packets which identify different waveform edges in a controller, such as "1 rising edge" and "2 falling edge", and we would like to automate the generation of timing diagrams and basically turn Wireshark into an oscilloscope. Seems like this would not be too hard, but do you have examples of extraction filters that could find SysLog (Port 514 UDP) and then match the first number in the field of the SysLog message? Thanks!

asked 28 Jul '15, 10:49


Sam Mallicoat

One Answer:


Have you tried something like this:

(udp.port == 514) and (udp[8:3]==81:60:03)

or like this:

(udp.port == 514) and (syslog.msg matches "RegularExpression")

The reference can be found here:

Furthermore I would suggest that you should use Version 1.99.8 because it comes with improved I/O Graph functions.

answered 28 Jul '15, 11:40

Christian_R


edited 28 Jul '15, 13:02
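
An added example, not part of the original question or answer: once the display filter above selects the SysLog packets, the timestamps and messages can be exported with tshark and turned into per-signal edge lists for a timing diagram. The capture file name, the exact message wording ("<number> rising edge" / "<number> falling edge", taken from the question) and the helper names parse_edges and high_pulses are assumptions.

```python
import re

# Constructed sample: tab-separated output of
#   tshark -r capture.pcapng -Y "udp.port == 514" -T fields \
#          -e frame.time_relative -e syslog.msg
# (capture.pcapng and the message texts are assumptions based on the question).
SAMPLE = """\
0.000000\t1 rising edge
0.001250\t2 rising edge
0.002000\t1 falling edge
0.002100\tlink status ok
0.004500\t2 falling edge
0.005000\t1 rising edge
"""

# Leading number = signal id, followed by the edge direction.
EDGE_RE = re.compile(r"^\s*(\d+)\s+(rising|falling)\s+edge\b", re.IGNORECASE)

def parse_edges(text):
    """Return {signal: [(time_s, level), ...]} sorted by time; non-edge lines are skipped."""
    edges = {}
    for line in text.splitlines():
        parts = line.split("\t", 1)
        if len(parts) != 2:
            continue  # malformed row (no message column)
        m = EDGE_RE.match(parts[1])
        if not m:
            continue  # SysLog message that is not an edge report
        try:
            t = float(parts[0])
        except ValueError:
            continue  # unparsable timestamp
        level = 1 if m.group(2).lower() == "rising" else 0
        edges.setdefault(int(m.group(1)), []).append((t, level))
    for events in edges.values():
        events.sort()
    return edges

def high_pulses(events):
    """Pair each rising edge with the next falling edge: [(start_s, width_s), ...]."""
    pulses, start = [], None
    for t, level in events:
        if level == 1 and start is None:
            start = t
        elif level == 0 and start is not None:
            pulses.append((start, round(t - start, 6)))
            start = None  # an unmatched trailing rising edge is left open
    return pulses

if __name__ == "__main__":
    for sig, events in sorted(parse_edges(SAMPLE).items()):
        print(f"signal {sig}: edges={events} high pulses={high_pulses(events)}")
```

Each (time, level) list can be fed directly to a step plot to draw one trace per signal.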