How to continuously save a certain stream into a txt file with ascii
Hello guys I am to wireshark and in the network stuff. I am currently following only one UDP stream with wireshark and I can save it into a pcapng or pcap file. But I want it to be saved and updated in real time (like these two do) but just export a plain txt file of only the stream in ascii. I can do that manually by right click one of the packets, click follow the stream and save it as txt but it doesnt get updated automatically, the idea is that I could have the real time txt or two txts like pcap can do and use a python script to filter some information from it. Is there anyway to do it?
Also trying to export as plain text, doesnt export the stream but only the packet info and the data is not the same.
Can you better define what qualifies as a "stream"?
Is it
src ip,src port,dst ipanddst port?Or since it's
UDP, can thesrc portchange over time?I use a capture filter "src host <ip>", which gives me all the packets from the IP to my computer, which are all one stream and UDP (probably photon wrapped too but that's another story). The thing is that I can already manually do what I need, but I can't find it do to it automatically like other file types. It's probably can be done with tshark but I haven't touched it yet.
Do you have a capture of the data you can share?
There is no
udp.payloadbut a potential work around hereOnce you figure out what the field is, it's pretty easy to capture with
tshark.When I capture data, I can have it automatically update the capture file in a place, but I would like do the same for the stream to a txt. (If you follow the stream you can read a txt in ascii format) sniffing data