1 | initial version |
Wireshark Bugzilla is the appropriate place for feature requests.
In the interim, this script may help you. This will create a file each for every number of expert infos using tshark, so if you see an expert_infos5.pcapng, it will only have packets with 5 expert infos.
#!/usr/bin/env bash source="/path/to/your/capture" hits=1 i=1 while [[ $hits > 0 ]]; do tshark -r $source -Y "count(_ws.expert.message) > ${i}" -w expert_infos${i}.pcapng hits=$(tshark -r /tmp/expert_infos${i}.pcapng | wc -l) i=${i}+1 done
My capture only had 1 type of expert infos per packet, so I only see one file:
$bash ls /tmp | grep export_infos expert_infos1.pcapng