In Tshark, which character to use as field-separator to separate SMS text from a bunch of data, as any character can be used within the SMS text?

I have a pcap file which has a bunch of data, and one of those data fields is SMS-text. It is dummy data of course.

I am using Tshark and giving it a -E separator=CHARACTER, on the basis of which it separates fields into a CSV file. It uses a comma character as the default field separator.

Now the problem is that whenever a comma character occurs in SMS text, it separates the rest of the SMS text and makes it a separate field. If I add -E quote=d to the command, it separates at the occurrence of " within SMS text and considers the rest of the SMS text as a separate field. This is a problem.

So my question is: how do I find a single character which I can use as a field separator in this case?

At the moment, my tshark command looks like this:

tshark -r inputFile.pcap  -T fields  -e field1  -e field2  -e smsTextField  -E quote=d  -E separator=,  >output.csv