Filter pcap file by layer and save to another format [on hold]

I captured packets in wireshark, filtered for the protocol I'm interested in (DIS), then exported this to a pcap file. I'd like to do analysis on this data in Python. The only part I'm interested in for each packet is the data layer header/data. How can I extract this from all the packets and save to something like a txt, json, or csv?

I just read about tshark and attempted a line of code I found: tshark -r capture.pcap -T fields -e data > data.txt, but this returns an empty file. I can see the data I'm interested in through wireshark though.

Leave Your Comment

Leave a Reply

%d bloggers like this: