Is there a way to use TShark to extract DNS TXT data from DNS responses to a text file? I tried using... tshark -r <pcapname> -T fields -e "dns.txt" > <filename>.txt It seems to run but the file is blank when I read it. Thanks in advance! asked 30 Jan '15, 05:13  spotlight edited 30 Jan '15, 05:13 |
One Answer:
There's no txt field in the DNS dissection. Which part of the DNS response do you need? Hint, you can find field names by clicking on the item in the protocol tree and looking at the status bar where the field name is shown in parentheses. answered 30 Jan '15, 05:25  grahamb ♦ |
