I have regular human readable text logs from my application showing when certain activity was done. They do not have any information that should be presented as a packet.
A I packet logs with the low level packets that are decoded with wireshark.
I would like to read them both in wireshark so that the regular log lines are interleaved with the packet logs. The information from the regular log file could be shown in the "info" colkumn.
I see three potential "methods":
- The log file has timestamps. So these could be used to interleave the information fairly properly.
- I could also pipe the text log to a converter that would take the incoming text lines and convert them to a pcap file.
- Ultimately I could also generate a pcap file directly from the application as wireshark can already read multiple logs or they can be merged using existing tools.
I made some searches, but I could not find a hint about any working solution that would be able to achieve my goal using one of these methods.
The purpose is to avoid having multiple tools open and match the timestamps with what I see in the text viewer(s) and the wireshark log - it would be nice to have it all in a single thread.