This is a static archive of our old Q&A Site. Please post any new questions and answers at ask.wireshark.org.

using follow udp stream' in script to dealing thousands pcap files

0

I have thousands of pcap file 100M each which contains the data i need transferred from my device by UDP protocol. I can use 'follow udp stream command' in the wireshark desktop manually and save it into a raw file one by one, and later further coding with python, but that would be very time consuming.

Is there any way i can using batching/script to save all the pcap files into raw data files automatically?

Much appreciated!

asked 10 Jul '17, 19:32

tree0520's gravatar image

tree0520
6223
accept rate: 0%


One Answer:

2

Yes, create a script that feeds the capture files to tshark and pass it the command line option -z "follow,udp,...". See the manual for more details.

answered 10 Jul '17, 22:26

Jaap's gravatar image

Jaap ♦
11.7k16101
accept rate: 14%