Am using Wireshark: 1.12.7. Wanted to export wireshark captured file into a CSV or excel file., including the packet payload. Present export option is exporting only columns that are displayed [ i.e from No, Timestamp .. Packet Info]. Please teach me how to do this. Also is there any way., I can customize Wireshark to decipher the packet payload bytes (say 20-30bytes) and display additional information for me ? asked 14 Aug '15, 22:42 pp_prasana |
One Answer:
I thought that using the menu item File -> Export Packet Dissections -> As "CSV" and then checking the "Packet bytes" option would do the trick, but as you noted it only exports the columns on view. Adding the "data.data" field as a column and using the same menu item gives you only 24 bytes (48 hex chars) of the packet data. To "customize" Wireshark to dissect the packet data you'll need to write a dissector. I covered the basic options in my talk at SharkFest: Writing a Wireshark Dissector using WSGD, Lua and C. answered 15 Aug '15, 07:05 grahamb ♦ |
@grahamb: Thanks for the answer, sir.
Is there a way to get the complete payload (instead of just 24 bytes) exported ?
I can do some tweaking using excel formula and dissect the packet.
Let me go thru' suggested PPT and get back if I need any specific clarification from that.
Looks WSGD is pretty simple. Let me try that and get back.