 | 1 | initial version |
I don't think you can split the syslog message.
You can right-click on the syslog.msg field and choose, "Apply as Column", but I don't think that's going to help you.
You could try using tshark instead, perhaps with something like this:
tshark -r file.pcap -T fields -e frame.number -e syslog.msg