tshark default output format differs between versions

asked 2020-03-07 10:46:47 +0000

kaos

default output format on Windows (tshark 3.2.2):

   14 2020-03-07 11:20:12,773554 192.168.2.1 → 8.8.8.8      DNS 70 Standard query 0x0012 A google.com
   15 2020-03-07 11:20:12,798941      8.8.8.8 → 192.168.2.1 DNS 134 Standard query response 0x0012 A google.com A 216.239.36.117 A 216.239.34.117 A 216.239.32.117 A 216.239.38.117

default output format on Linux (older tshark 1.10.14):

  1 2020-03-07 10:18:59.796430410 192.168.1.9 -> 8.8.8.8      DNS 70 Standard query 0x2560  A google.com
  2 2020-03-07 10:18:59.821146788      8.8.8.8 -> 192.168.1.9 DNS 86 Standard query response 0x2560  A 172.217.23.142

The new version prepends a query (A google.com), the old version doesn't. (The minor differences, like an arrow instead of "->" and a comma instead of a dot in the timestamp, don't matter for this question.)

Please point to a source code file where the default output format is defined. In which version has it changed (prepending the query)? Is there a way to modify the default output to make it consistent for any version? I've tried to use -T fields with the desired columns, but couldn't get the output similar to the default.

Additional question: does the timestamp defined by "-t ad" depend on the country locale settings? Is it shown as "2020-03-07 10:18:59.796430410" with a GB/DE locale, but differently with the US locale?

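One way to make the two outputs comparable from a script, as an added example that is not part of the question and not Wireshark's own code: normalise each default-format summary line into the same tab-separated columns, so that the Unicode arrow versus "->", the comma versus dot decimal mark, and the variable spacing no longer matter to whatever reads the lines afterwards. The four sample lines are the ones quoted in the question, embedded here so the script runs offline; the pairing check at the end shows that a query and its response can be matched on transaction id and reversed addresses in either version's format.

```shell
#!/bin/sh
# Added example (not Wireshark's code): turn tshark's default one-line
# summaries from different versions into one tab-separated layout.
# Sample lines are the outputs quoted in the question above.

NEW_QUERY='   14 2020-03-07 11:20:12,773554 192.168.2.1 → 8.8.8.8      DNS 70 Standard query 0x0012 A google.com'
NEW_RESP='   15 2020-03-07 11:20:12,798941      8.8.8.8 → 192.168.2.1 DNS 134 Standard query response 0x0012 A google.com A 216.239.36.117 A 216.239.34.117 A 216.239.32.117 A 216.239.38.117'
OLD_QUERY='  1 2020-03-07 10:18:59.796430410 192.168.1.9 -> 8.8.8.8      DNS 70 Standard query 0x2560  A google.com'
OLD_RESP='  2 2020-03-07 10:18:59.821146788      8.8.8.8 -> 192.168.1.9 DNS 86 Standard query response 0x2560  A 172.217.23.142'

# normalize_tshark_line LINE
# Output: frame<TAB>timestamp<TAB>src<TAB>dst<TAB>proto<TAB>len<TAB>info
# - the arrow token ("→" in 3.x, "->" in 1.x) is always field 5 and is dropped
# - a comma decimal mark in the timestamp (Windows locale) becomes a dot
# - runs of spaces inside the Info column collapse to a single space
normalize_tshark_line() {
    printf '%s\n' "$1" |
    awk '{
        ts = $2 " " $3
        gsub(",", ".", ts)
        info = ""
        for (i = 9; i <= NF; i++) info = info (i > 9 ? " " : "") $i
        printf "%s\t%s\t%s\t%s\t%s\t%s\t%s\n", $1, ts, $4, $6, $7, $8, info
    }'
}

# field LINE N: column N (1-based) of the normalised form
field() {
    normalize_tshark_line "$1" | cut -f"$2"
}

# dns_txid LINE: the DNS transaction id (0x....) from the Info column, or empty
dns_txid() {
    field "$1" 7 | sed -n 's/.*\(0x[0-9a-fA-F]\{1,\}\).*/\1/p'
}

# dns_pair QUERY_LINE RESPONSE_LINE: succeeds when the response answers the
# query (same transaction id, source and destination swapped), whichever
# tshark version produced the lines
dns_pair() {
    [ "$(dns_txid "$1")" = "$(dns_txid "$2")" ] &&
    [ "$(field "$1" 3)" = "$(field "$2" 4)" ] &&
    [ "$(field "$1" 4)" = "$(field "$2" 3)" ]
}

# Demo: print all four lines in the common layout, then pair them up
for line in "$NEW_QUERY" "$NEW_RESP" "$OLD_QUERY" "$OLD_RESP"; do
    normalize_tshark_line "$line"
done
dns_pair "$NEW_QUERY" "$NEW_RESP" && echo "3.2.2 query/response paired"
dns_pair "$OLD_QUERY" "$OLD_RESP" && echo "1.10.14 query/response paired"
```

The Info column is kept as each version wrote it, so the extra "A google.com" in the newer response line is still visible after normalisation; a consumer that needs version-independent content should parse the transaction id and answer records out of that column rather than compare it verbatim. The `tshark -T fields` route mentioned in the question, with options such as `-e frame.number -e frame.time -e ip.src -e ip.dst -e _ws.col.Protocol -e frame.len -e _ws.col.Info`, produces similar columns directly where the `_ws.col.*` pseudo-fields are accepted; whether the 1.10.14 build accepts them is an assumption to check on that version.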