Ask Your Question

Live Zigbee Traffic in Wireshark

asked 2020-03-11 13:58:09 +0000

Neha malhotra gravatar image

Hi Team,

i have sniffer inserted to a COM Port suppose COM22. How can i specify this configuration in Wireshark or via cmd in tshark, to get the live zigbee packets which sniffer on COM22 is fetching. Also, I need to specify the channel number as well. Please suggest.

Thanks & Regards, Neha Malhotra

edit retag flag offensive close merge delete


1 Answer

Sort by ยป oldest newest most voted

answered 2020-09-13 16:36:07 +0000

le_top gravatar image

The link provided by @Chuckc provides some general information and further links.

Basically, Wireshark and Tshark expect the data to be presented as a stream/fifo/file in the right format.

Depending on your sniffer, you need to use the right "driver"/"extcap" to read your key and to convert it to this format.

Some "extcap" implementations have options that allow Wireshark to know what parameters the user can provide so that wireshark can propose them in its configuration popup for the extcap connector. In this case you can - with the right configuration - just click on the extcap listing in Wireshark which will launch the extcap tool and provide the fifo to which it should be writing.

Most extcap tools have a readme that will explain how to use it (which file to copy to the extcap directory, etc).

edit flag offensive delete link more

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account.

Add Answer

Question Tools

1 follower


Asked: 2020-03-11 13:58:09 +0000

Seen: 101 times

Last updated: Sep 13 '20