| 2019-11-28 20:17:14 +0000 | marked best answer | Find in files Greetings. I have captured many files of 250MB each for days. Now I have a bit more than 4000 files. I'd like to find the files where there is a specific flags (0x011). Is there an option where I can "find in files" an expression ? It will be faster than oppening each file and check with the display filter. For instance, Notepadd++ has this feature and it's very efficient. Thanks for your help ! NB : for the next time, I'll set a better capture filter (I just found it). But for this time, I need to retrieve info from the files already cpatured. |
| 2019-11-28 17:16:59 +0000 | received badge | ● Rapid Responder |
| 2019-11-28 17:16:59 +0000 | answered a question | Find in files got it... I did not write -Y but -y. with -Y, works perfectly. tks |
| 2019-11-28 17:12:57 +0000 | commented answer | Find in files tshark: The specified data link type "tcp.flags == 0x011" isn't valid |
| 2019-11-28 17:07:07 +0000 | commented answer | Find in files tks. i'll try. |
| 2019-11-28 15:59:39 +0000 | commented question | Find in files Hi Graham, tks for your reply. flags = tcp.flags=0x011. if tshark can do this, perfect, what should be the command the |
| 2019-11-28 15:25:37 +0000 | asked a question | Find in files Find in files Greetings. I have captured many files of 250MB each for days. Now I have a bit more than 4000 files. I' |
| 2019-11-28 15:22:51 +0000 | asked a question | Find in files Find in files Greetings. I have captured many files of 250MB each for days. Now I have a bit more than 4000 files. I'd |
Copyright Wireshark Foundation, 2017-2023 Content on this site is licensed under a Creative Commons Attribution Share Alike 3.0 license.