This is our old Q&A Site. Please post any new questions and answers at ask.wireshark.org.

Am using Wireshark: 1.12.7.

Wanted to export wireshark captured file into a CSV or excel file., including the packet payload.

Present export option is exporting only columns that are displayed [ i.e from No, Timestamp .. Packet Info].

Please teach me how to do this.

Also is there any way., I can customize Wireshark to decipher the packet payload bytes (say 20-30bytes) and display additional information for me ?

asked 14 Aug '15, 22:42

pp_prasana's gravatar image

pp_prasana
6112
accept rate: 0%


I thought that using the menu item File -> Export Packet Dissections -> As "CSV" and then checking the "Packet bytes" option would do the trick, but as you noted it only exports the columns on view.

Adding the "data.data" field as a column and using the same menu item gives you only 24 bytes (48 hex chars) of the packet data.

To "customize" Wireshark to dissect the packet data you'll need to write a dissector. I covered the basic options in my talk at SharkFest: Writing a Wireshark Dissector using WSGD, Lua and C.

permanent link

answered 15 Aug '15, 07:05

grahamb's gravatar image

grahamb ♦
19.8k330206
accept rate: 22%

@grahamb: Thanks for the answer, sir.

Is there a way to get the complete payload (instead of just 24 bytes) exported ?

I can do some tweaking using excel formula and dissect the packet.

Let me go thru' suggested PPT and get back if I need any specific clarification from that.

(20 Aug '15, 11:56) pp_prasana

Looks WSGD is pretty simple. Let me try that and get back.

(20 Aug '15, 12:06) pp_prasana
Your answer
toggle preview

Follow this question

By Email:

Once you sign in you will be able to subscribe for any updates here

By RSS:

Answers

Answers and Comments

Markdown Basics

  • *italic* or _italic_
  • **bold** or __bold__
  • link:[text](http://url.com/ "title")
  • image?![alt text](/path/img.jpg "title")
  • numbered list: 1. Foo 2. Bar
  • to add a line break simply add two spaces to where you would like the new line to be.
  • basic HTML tags are also supported

Question tags:

×76
×40

question asked: 14 Aug '15, 22:42

question was seen: 28,033 times

last updated: 20 Aug '15, 12:06

p​o​w​e​r​e​d by O​S​Q​A