 | 1 | initial version |
From the tshark man page:
-e <field> Add a field to the list of fields to display if -T ek|fields|json|pdml is selected.
C:\>tshark -r p:wap_google.pcap -T json -e frame.number -e frame.time -e _ws.col.Info
[
{
"_index": "packets-2005-09-06",
"_type": "doc",
"_score": null,
"_source": {
"layers": {
"frame.number": [
"1"
],
"frame.time": [
"Sep 6, 2005 01:22:20.851335000 Central Daylight Time"
],
"_ws.col.Info": [
"WSP Get (0x40) http://wap.google.com/"
]
}
}
},
{
"_index": "packets-2005-09-06",
-- snip --
| | 2 | No.2 Revision |
From the tshark man page:
-e <field> Add a field to the list of fields to display if -T ek|fields|json|pdml is selected.
C:\>tshark -r p:wap_google.pcap -T json -e frame.number -e frame.time -e _ws.col.Info
[
{
"_index": "packets-2005-09-06",
"_type": "doc",
"_score": null,
"_source": {
"layers": {
"frame.number": [
"1"
],
"frame.time": [
"Sep 6, 2005 01:22:20.851335000 Central Daylight Time"
],
"_ws.col.Info": [
"WSP Get (0x40) http://wap.google.com/"
]
}
}
},
{
"_index": "packets-2005-09-06",
-- snip --
Copyright Wireshark Foundation, 2017-2023 Content on this site is licensed under a Creative Commons Attribution Share Alike 3.0 license.