 | 1 | initial version |
I've tried "c:\Program Files\Wireshark\tshark.exe" -r capture-file.pcap -Y sip -T fields -e raw_sip, the output is a wall of lines containing a literal raw_sip. If I add -e sip.Call-ID, I get the Call-ID values in front of the raw_sip.
I understand that raw_sip is a multi-line text, but is there a way I haven't discovered to get the values printed by tshark or should I file a bug?
I've tried "c:\Program Files\Wireshark\tshark.exe" -r capture-file.pcap -Y sip -T fields -e raw_sip, the output is a wall of lines containing a literal raw_sip. If I add -e sip.Call-ID, I get the Call-ID values in front of the raw_sip.
I understand that raw_sip the contents of the raw_sip field is a multi-line text, but is there a way I haven't discovered to get the values printed by tshark or should I file a bug?
I've tried "c:\Program Files\Wireshark\tshark.exe" -r capture-file.pcap -Y sip -T fields -e raw_sip, the output is a wall of lines containing a literal raw_sip. If I add -e sip.Call-ID, I get the Call-ID values in front of the raw_sip.
I understand that the contents of the raw_sip field is a multi-line text, but is there a way I haven't discovered to get the values printed by tshark or should I file a bug?bug? Especially given that the contents of sip.msg_hdr is also a multi-line text and tshark exports it happily.
I've tried "c:\Program Files\Wireshark\tshark.exe" -r capture-file.pcap -Y sip -T fields -e raw_sip, the output is a wall of lines containing a literal raw_sip. If I add -e sip.Call-ID, I get the Call-ID values in front of the raw_sip.
I understand that the contents of the raw_sip field is a multi-line text, but is there a way I haven't discovered to get the values printed by tshark or should I file a bug? Especially given that the contents of sip.msg_hdr is also a multi-line text and tshark exports prints it out happily.
Copyright Wireshark Foundation, 2017-2023 Content on this site is licensed under a Creative Commons Attribution Share Alike 3.0 license.
