This is a static archive of our old Q&A Site. Please post any new questions and answers at ask.wireshark.org.

Modify script to output multiple files

0

Im new to scripting and tshark but managed to make this small script using examples from this page. It works very well but I'd like to modify it so it creates a new .txt file for every input file instead of writing it all to the same file. If someone could help me it would be much appreciated!

@echo off

set cap_files="*"
set cap_folder="c:\test"


set outfile=C:\Users\Administrator\Desktop\New\outfile.txt


set tshark_cmd="C:\Program Files\Wireshark\tshark"
set tshark_options= -q -z conv,tcp -z conv,udp


echo. > %outfile%


for /r %cap_folder% %%f in (%cap_files%) do (
echo Processing File: %%f


REM echo == File: %%f >> %outfile%
%tshark_cmd% -r %%f %tshark_options% >>%outfile%
)


echo.
echo Results in: %outfile%

asked 10 Feb ‘17, 02:20

laminatorius's gravatar image

laminatorius
6224
accept rate: 0%

edited 10 Feb ‘17, 05:34

grahamb's gravatar image

grahamb ♦
19.8k330206

One Answer:

2

If you look in the dos help for for, e.g. help for, you can see there are extended subsititions of the "for" variable:

In addition, substitution of FOR variable references has been enhanced.
You can now use the following optional syntax:

%~I         - expands %I removing any surrounding quotes (")
%~fI        - expands %I to a fully qualified path name
%~dI        - expands %I to a drive letter only
%~pI        - expands %I to a path only
%~nI        - expands %I to a file name only
%~xI        - expands %I to a file extension only
%~sI        - expanded path contains short names only
%~aI        - expands %I to file attributes of file
%~tI        - expands %I to date/time of file
%~zI        - expands %I to size of file
%~$PATH:I   - searches the directories listed in the PATH
               environment variable and expands %I to the
               fully qualified name of the first one found.
               If the environment variable name is not
               defined or the file is not found by the
               search, then this modifier expands to the
               empty string



The modifiers can be combined to get compound results:


%~dpI       - expands %I to a drive letter and path only
%~nxI       - expands %I to a file name and extension only</code></pre><p>So, using <code>%%~dpnf.txt</code> will get you the input filename, but with a .txt extension.</p><p>You should also change the output redirection operator to be <code>&gt;</code> to overwrite each target text file.</p></div><div class="answer-controls post-controls"></div><div class="post-update-info-container"><div class="post-update-info post-update-info-user"><p>answered <strong>10 Feb '17, 05:39</strong></p><img src="https://secure.gravatar.com/avatar/d2a7e24ca66604c749c7c88c1da8ff78?s=32&amp;d=identicon&amp;r=g" class="gravatar" width="32" height="32" alt="grahamb&#39;s gravatar image" /><p><span>grahamb ♦</span><br />



19.8k330206

accept rate: 22%

Thank you! That worked very well and was much easier than I thought.

You should also change the output redirection operator to be > to overwrite each target text file.

I don’t understand that part though. What exactly is the “output redirection operator” and why would it be better to overwrite the target text file? The Text files are generated with this script, there is nothing to overwrite. Or am I missing the point?

(10 Feb ‘17, 07:13) laminatorius

The >> operator appends output to any pre-existing content. The > operator overwrites any pre-existing content.

Using the append operator could trip you up if re-running the batch file over the same captures with different tshark options.

See here for info about redirection.

(10 Feb ‘17, 07:35) grahamb ♦

If an answer has solved your issue, please accept the answer for the benefit of other users by clicking the checkmark icon next to the answer. Please read the FAQ for more information.

(10 Feb ‘17, 07:35) grahamb ♦