The ek format (jsonnl) from tshark is great for capturing into some Big Data environment. Unfortunately as the format is designed for ElasticSearch the index information is added before each row:
{"index":{"_index":"packets-2020-06-27","_type":"doc"}} {"timestamp":"1593228122133","layers":{"frame_raw":"fa163e0aed1d4c9614901ff0080... } {"index":{"_index":"packets-2020-06-27","_type":"doc"}} {"timestamp":"1593228122133","layers":{"frame_raw":"4c9614901ff0fa163e0aed1d080... }
I was wondering if it is possible to add a flag to remove this additional row from the output.
From the code it looks like the code printing that output is at line 364 on epan/print.c
https://github.com/wireshark/wireshark/blob/986fec7f3ba9db9b60fe209fb5d41ba5d291cde5/epan/print.c#L364
Is there a procedure to request for this change?
