 | 1 | initial version |
There seems to be an issue directly accessing the 104asdu element, maybe because its name begins with a number.. Using getattr() fixes that, then noting that the IOA and SIQ elements are of type "LayerField" with a "fields" array. This gives the following (note the capture you provided only had one packet, so I'm using cap[0] to access it):
>>> asdu = getattr(cap[0], "104asdu")
>>> asdu.ioa.fields[0]
<LayerField 104asdu.ioa: 345>
>>> asdu.siq.fields[0]
<LayerField 104asdu.siq: 0x00000000>
>>> asdu.ioa.fields[1]
<LayerField 104asdu.ioa: 57756>
>>> asdu.siq.fields[1]
<LayerField 104asdu.siq: 0x00000000>
pyshark could do with more documentation describing these types. I used a mix of dir() and type() to work this out.
Copyright Wireshark Foundation, 2017-2023 Content on this site is licensed under a Creative Commons Attribution Share Alike 3.0 license.