What is the syntax for wireshark custom column

asked 2017-11-13 16:20:40 +0000

1 ●1 ●2 ●1

I want to calculate the time difference between 2 consecutive packets (and apply this for the whole pcap file), and have this shown as a custom column. What is the syntax i need to use to put in the "Field name" to calculate and show this information?

Thank you!

edit retag flag offensive close merge delete

Comments

Why do you think you need a custom column for this? You can set the time display format (View -> Time Display format) to show the delta between either the previously captured packet or the previously displayed packet.

grahamb ( 2017-11-13 17:11:41 +0000 )edit

Also you can right click that time in every packet inside the frame header and select „apply as column“

Christian_R ( 2017-11-13 17:16:24 +0000 )edit

add a comment

Comments

Thank you guys! As per your advice I created a new column and made it type "Delta time".

Pheonix7 ( 2017-11-14 09:30:56 +0000 )edit

Hello,

Like frame.time_delta, can i add/create custom frame_field_delta. Is that possible.

Regards, S.Senthil

Senthil ( 2018-10-12 14:38:18 +0000 )edit

add a comment

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account.

What is the syntax for wireshark custom column

Comments

1 Answer

Comments

Your Answer

Question Tools

Stats

Related questions

What is the syntax for wireshark custom column edit

Comments

1 Answer

Comments

Your Answer

Question Tools

Stats

Related questions

What is the syntax for wireshark custom column