Parsing a PCAP-file with tshark and generate a custom graph with python + matplotlib is my normal usecase. But this time, the build-in IO-graph would fit my needs completely, if I can automate the process. I'd like to call the IO-graph standalone application with the specific PCAP-file, filters and so on. The expected output would be a PNG-file or similar. Is it possible to use the IO-graph of wireshark as a standalone application from the commandline like tshark?What's the expected input dataset of the IO-graph? asked 19 Apr '16, 09:10 oposum edited 19 Apr '16, 09:11 |
One Answer:
Not without a (larger) change of code. Sorry! Alternatively you can use tshark -z io,stat, (see man page for details), but that won't generate PNG files. You can also use tshark to print frames or fields within frames and parse the output with python to generate input data for matplotlib, etc. Instead of parsing the output of tshark, you can also check if Sharktools helps: https://github.com/armenb/sharktools Regards answered 19 Apr '16, 13:42 Kurt Knochner ♦ edited 20 Apr '16, 02:21 |