 | 1 | initial version |
I found a solution that works for me. PyShark is a python library (pip install pyshark) that uses tshark behind the scenes to parse capture files (and live streams, too). It's not all that well documented but using dir(<item>) interactively lets you see the fields and names available in each record (since the names are a little different from the WireShark filter names). Since you write your script in Python you can store data and refer to it to do conditional processing and slice and dice things according to your needs. For me the learning curve was slight and easier than lua or MATE
| | 2 | No.2 Revision |
In combing through the links you provided, I found a solution that works for me. PyShark is a python library (pip install pyshark) that uses tshark behind the scenes to parse capture files (and live streams, too). It's not all that well documented but using dir(<item>) interactively lets you see the fields and names available in each record (since the names are a little different from the WireShark filter names). Since you write your script in Python you can store data and refer to it to do conditional processing and slice and dice things according to your needs. For me the learning curve was slight and easier than lua or MATE
