# Revision history [back]

The intended use of jsonraw was to reduce the "tshark -T json -x" output size and still to allow to dissect the protocol layers on raw/byte level and provide information regarding the dissected field. For possible use see the json2pcap script (however not all information are preserved in jsonraw compared to -T json -x, as frame timestamp).

The values in raw fields are:

          "eth.src_raw": [
"881544b14f70",    # hex string
6,                 # position in frame
6,                 # length