 | 1 | initial version |
I don't think you can split the syslog message.
You can right-click on the syslog.msg field and choose, "Apply as Column", but I don't think that's going to help you.
You could try using tshark instead, perhaps with something like this:
tshark -r file.pcap -T fields -e frame.number -e syslog.msg
Copyright Wireshark Foundation, 2017-2023 Content on this site is licensed under a Creative Commons Attribution Share Alike 3.0 license.