This is a static archive of our old Q&A Site. Please post any new questions and answers at ask.wireshark.org.

ActiveMQ dissecting

0

Hi All,

The following tells me that Wireshark can dissect OpenWire at least since 2012: http://activemq.2283324.n4.nabble.com/Wireshark-packet-dissection-Openwire-td4631635.html , however I'm unable to get it to dissect my ActiveMQ trace for some reason when I choose "Decode As... OpenWire": https://drive.google.com/open?id=0B31e47Ucqt4BOXJrSTEwMi1OdWc

I also tried "Decode As... AMQP", still no luck. Packet bytes view of some packets in the trace suggests it's ActiveMQ (which I think is different from AMQP though).

Is there a way to get Wireshark to dissect my trace anyway?

Many thanks in advance,

Dmitriy

asked 10 May '17, 08:23


Dmitriy

edited 10 May '17, 08:31


One Answer:

1

The protocol in use is STOMP, for which Wireshark doesn't currently have a dissector.

As it's a text based protocol you can see the text lines in the "Data" part of the dissector tree, or see the conversation by right clicking a packet in the list and selecting Follow -> TCP Stream.

If you want to see STOMP dissection added to Wireshark, please raise an enhancement request on the Wireshark Bugzilla, attaching your capture file to the request.

answered 10 May '17, 08:55


grahamb ♦

Thank you: trying to restore my access to Wireshark Bugzilla to raise it there as you advised.

(10 May '17, 12:43) Dmitriy

If an answer has solved your issue, please accept the answer for the benefit of other users by clicking the checkmark icon next to the answer. Please read the FAQ for more information.

(11 May '17, 12:15) Jaap ♦
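
The answer above identifies the traffic as STOMP, a text-based protocol readable through Follow -> TCP Stream. The following is an added example, not part of the original thread and not Wireshark code, that splits raw stream bytes (as saved from that dialog) into STOMP frames. The frame layout is assumed from the STOMP specification rather than taken from this page; `parse_stomp_frames` and the sample bytes are constructed for illustration.

```python
# Assumed frame layout (STOMP specification, not stated on this page):
#   COMMAND EOL, "key:value" header lines, blank line, body, NUL octet.
# EOL may be LF or CRLF; bare EOLs between frames are heart-beats.

def parse_stomp_frames(stream: bytes):
    """Return (frames, leftover); leftover holds an incomplete trailing frame."""
    frames, pos = [], 0
    while pos < len(stream):
        if stream[pos:pos + 1] in (b"\n", b"\r"):
            pos += 1                      # heart-beat or padding between frames
            continue
        # The header block ends at the first blank line, LF or CRLF style.
        ends = [(stream.find(s, pos), len(s)) for s in (b"\n\n", b"\r\n\r\n")]
        ends = [e for e in ends if e[0] != -1]
        if not ends:
            break                         # headers not fully captured yet
        head_end, sep_len = min(ends)
        lines = stream[pos:head_end].splitlines()
        command, headers = lines[0].decode("utf-8", "replace"), {}
        for line in lines[1:]:
            key, _, value = line.decode("utf-8", "replace").partition(":")
            headers.setdefault(key, value)    # first occurrence of a key wins
        body_start = head_end + sep_len
        length = headers.get("content-length", "")
        if length.isdigit():
            # With content-length the body may itself contain NUL octets.
            body_end = body_start + int(length)
            if body_end < len(stream) and stream[body_end] != 0:
                raise ValueError("content-length does not land on frame NUL")
        else:
            body_end = stream.find(b"\x00", body_start)
        if body_end == -1 or body_end >= len(stream):
            break                         # body not fully captured yet
        frames.append({"command": command, "headers": headers,
                       "body": stream[body_start:body_end]})
        pos = body_end + 1
    return frames, stream[pos:]

# Constructed sample: two complete frames, a heart-beat, one truncated frame.
SAMPLE = (b"CONNECT\naccept-version:1.2\nhost:broker.example\n\n\x00"
          b"\n"
          b"SEND\r\ndestination:/queue/test\r\ncontent-length:5\r\n\r\nab\x00cd\x00"
          b"MESSAGE\ndestination:/queue/te")

if __name__ == "__main__":
    parsed, rest = parse_stomp_frames(SAMPLE)
    for f in parsed:
        print(f["command"], f["headers"], f["body"])
    print("incomplete tail:", rest)
```
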