Re: Set capture to TZ blah?

[Pascal Quantin <pascal.quantin () gmail com>]

2015-03-14 20:34 GMT+01:00 Jeff Morriss <jeff.morriss.ws () gmail com>:

> On 03/14/2015 02:16 PM, Guy Harris wrote:
>
> > On Mar 14, 2015, at 8:00 AM, Niels de Vos <ndevos () redhat com> wrote:
> >
> >  When I have captures and logs that do not match the timezone, I use the
> > > TZ environment variable to read the captures in the timezone of the
> > > logs, like:
> > >
> > >     $ TZ=America/New_York tshark -r /path/to/capture.pcap.gz ....
> > >
> > > or
> > >
> > >     $ TZ=America/New_York wireshark /path/to/capture.pcap.gz
> >
> > That would work on systems using the IANA tz database (and using the new
> > tz naming scheme; I'm not sure whether Solaris does), so it'd work on, at
> > minimum, most if not all Linux distributions, *BSD, and OS X.
> >
> > However, it doesn't work on, for example, Windows, which doesn't use the
> > IANA tz database.
>
> (I think) the only thing that doesn't work on Windows is specifying the
> timezone in that format.  At least according to:
>
> https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=2629#c4
>
> you can still set the TZ variable on Windows (in a command shell) and
> Wireshark will use it.  Presumably you just need to know the right format.
>
> (Personally I'm more used to doing things like TZ=PDT than these fancy
> new-fangled TZ names; maybe Windows still uses that format--as that comment
> suggests?)

According to https://msdn.microsoft.com/en-us/library/90s5c885.aspx this is
still supported.

___________________________________________________________________________
Sent via:    Wireshark-dev mailing list <wireshark-dev () wireshark org>
Archives:    http://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
             mailto:wireshark-dev-request () wireshark org?subject=unsubscribe