Decoding a wireshark pcap file

0	Is there such thing as decoding a wireshark pcap file. Is decoding a pcap file the same as transforming a wireshark pcap file to a windows txt file? txt pcap decoding asked 17 Apr '12, 22:21 misteryuku 5●24●26●29 accept rate: 0%

3 Answers:

oldest newest most voted

0	No. See my answer to your other very similar question here link answered 17 Apr '12, 23:54 grahamb ♦ 4.1k●2●15●64 accept rate: 15%

That depends on what you mean by "decoding". It's "decoding" in the sense that it makes a human-readable file. It may or may not be a good format for a program - such as, oh, let's pick a hypothetical example, Splunk - to read; that would depend on the program.

If you want to know whether it would be something that Splunk could usefully process, you might try asking on the Splunk Q&A site rather than asking here on the Wireshark Q&A site.

link

answered 18 Apr '12, 11:29

Guy Harris ♦♦
7.6k●1●18●98
accept rate: 16%

0	And if you mean decrypting, as in SSL or TLS encrypted traffic for HTTPS or some other protocol, then ask that question too. link answered 18 Apr '12, 16:06 inetdog 152●1●6 accept rate: 14%

Your answer

toggle preview

community wiki

Follow this question

By Email:

Once you sign in you will be able to subscribe for any updates here

By RSS:

Answers

Answers and Comments

Markdown Basics

*italic* or _italic_
**bold** or __bold__
link:[text](http://url.com/ "Title")
image?![alt text](/path/img.jpg "Title")
numbered list: 1. Foo 2. Bar
to add a line break simply add two spaces to where you would like the new line to be.
basic HTML tags are also supported

learn more about Markdown

Tags:

pcap ×66
decoding ×6
txt ×6

Asked: 17 Apr '12, 22:21

Seen: 1,762 times

Last updated: 18 Apr '12, 16:06

Decoding a wireshark pcap file

Follow this question

You have a trillion packets.

You need to see four of them.

Don't have Wireshark?

Related questions