jwillis has asked for the wisdom of the Perl Monks concerning the following question:
Hi everyone, I am trying to decode Wireshark data into a format to be inserted into a database for analysis. I don't know how to make the garbage in a file mean something useful. I am using a Wireshark sample file to try and get the output to be something meaningful. Can someone point me in the right direction?
```perl
#!perl
use Net::TcpDumpLog;
use NetPacket::TCP;
use NetPacket::Ethernet;

# Load the capture file and get the index of every packet in it
$log = Net::TcpDumpLog->new();
$log->read("test.pcap");
@Indexes = $log->indexes;

foreach $index (@Indexes) {
    # Per-packet pcap record header
    ($length_orig, $length_incl, $drops, $secs, $msecs) = $log->header($index);
    # Raw bytes of the captured frame
    $data = $log->data($index);
    my $tcp_strip = NetPacket::TCP::strip($data);
    print "$tcp_strip\n";
}
```
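An added example, not part of the original post or of any reply in this thread: decoding each captured frame one layer at a time (Ethernet, then IPv4, then TCP) into named fields that can be stored as database rows. It assumes an Ethernet capture carrying IPv4/TCP; `decode_frame`, `sample_frame` and the addresses in the sample frame are constructed for illustration.

```perl
#!perl
use strict;
use warnings;
use Socket qw(inet_aton);
use Net::TcpDumpLog;
use NetPacket::Ethernet qw(:types);
use NetPacket::IP qw(:protos);
use NetPacket::TCP;

# Peel one layer at a time; return undef for anything that is not IPv4/TCP.
# Assumes an Ethernet capture (pcap link type 1).
sub decode_frame {
    my ($frame) = @_;
    my $eth = NetPacket::Ethernet->decode($frame);
    return unless ($eth->{type} // 0) == ETH_TYPE_IP;
    my $ip = NetPacket::IP->decode($eth->{data});
    return unless $ip->{proto} == IP_PROTO_TCP;
    my $tcp = NetPacket::TCP->decode($ip->{data});
    return {
        src   => "$ip->{src_ip}:$tcp->{src_port}",
        dst   => "$ip->{dest_ip}:$tcp->{dest_port}",
        seq   => $tcp->{seqnum},
        flags => $tcp->{flags},                  # numeric TCP flag bits
        bytes => length($tcp->{data} // ''),     # TCP payload length
    };
}

# Constructed sample frame (not from a real capture): PSH+ACK with 18 payload bytes.
sub sample_frame {
    my $payload = "GET / HTTP/1.0\r\n\r\n";
    my $tcp = pack('nnNNnnnn', 49152, 80, 1000, 2000, (5 << 12) | 0x18, 8192, 0, 0);
    my $ip  = pack('CCnnnCCna4a4', 0x45, 0, 40 + length($payload), 1, 0, 64, 6, 0,
                   inet_aton('192.0.2.10'), inet_aton('198.51.100.20'));
    return pack('H12H12n', '020000000002', '020000000001', 0x0800) . $ip . $tcp . $payload;
}

my @rows;
if (@ARGV) {    # path to a capture file, e.g. test.pcap
    my $log = Net::TcpDumpLog->new();
    $log->read($ARGV[0]);
    for my $i ($log->indexes) {
        # pcap stores the sub-second part of the timestamp in microseconds
        my ($len_orig, $len_incl, $drops, $secs, $usecs) = $log->header($i);
        my $row = decode_frame($log->data($i)) or next;
        push @rows, { %$row, ts => sprintf('%d.%06d', $secs, $usecs) };
    }
} else {        # no file given: decode the constructed frame instead
    push @rows, { %{ decode_frame(sample_frame()) }, ts => '0.000000' };
}
print join("\t", @{$_}{qw(ts src dst seq flags bytes)}), "\n" for @rows;
```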
Replies are listed 'Best First'.

Re: decoding libpcap on windows
by VinsWorldcom (Prior) on Sep 25, 2012 at 12:18 UTC
by jwillis (Initiate) on Sep 25, 2012 at 13:25 UTC
by VinsWorldcom (Prior) on Sep 25, 2012 at 15:35 UTC
by jwillis (Initiate) on Sep 27, 2012 at 10:39 UTC
by jwillis (Initiate) on Sep 27, 2012 at 10:42 UTC
by jwillis (Initiate) on Sep 27, 2012 at 10:45 UTC
by VinsWorldcom (Prior) on Sep 27, 2012 at 11:50 UTC
by jwillis (Initiate) on Sep 27, 2012 at 13:34 UTC