make wireshark.exe return json via cmd

asked 2021-01-04 09:17:11 +0000

learningnew
5 ●1 ●3 ●3

Hi, is there a way to use wireshark.exe that will return a json without using tshark? I mean to give it a pcap and get a json back but only with wireshark.exe without using the GUI, only cmd command. Thanks

answered 2021-01-04 12:28:19 +0000

grahamb

flag of United Kingdom of Great Britain and Northern Ireland

23835 ●4 ●973 ●227 https://www.wireshark.org

No. The entire purpose of tshark is to return dissection products in some textual form so why not use it?

edit flag offensive delete link

Comments

Because tshark crashes with a specific dll dissector when wireshark gui does not

learningnew ( 2021-01-04 12:30:55 +0000 )edit

tshark shouldn't crash. Please raise an issue at the Wireshark GitLab issue tracker attaching the capture file if at all possible.

grahamb ( 2021-01-04 20:56:53 +0000 )edit

I'd rather know what that 'specific dll dissector' is. Not really interested in hunting down issues in closed source additions.

Jaap ( 2021-01-04 21:42:28 +0000 )edit

Could be in one of the distributed plugins.

grahamb ( 2021-01-04 22:33:51 +0000 )edit

add a comment

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account.

make wireshark.exe return json via cmd

1 Answer

Comments

Your Answer

Question Tools

Stats

Related questions

make wireshark.exe return json via cmd edit

1 Answer

Comments

Your Answer

Question Tools

Stats

Related questions

make wireshark.exe return json via cmd