Re: Getting a unique list of BSSIDs

[Christopher Maynard <Christopher.Maynard () igt com>]

Anthony Critelli <critellia@...> writes:

> Anyone have a good way, using either Wireshark or tshark, to get a
>  unique list of BSSIDs from a capture? I've been trying to do "tshark -r
>  capture.pcapng -T fields -e wlan.bssid | uniq" But this isn't working. 
> Maybe I'm missing something, but when tshark outputs the BSSIDs, each 
> one is different, even when they visibly appear to be the same. Confirmed
this 
> with od, and the octal dump of 2 seemingly identical lines (human
readable) are 
> different. It also seems to randomly throw empty lines in there. This is
preventing uniq from doing its job.
> Am I misunderstanding the usage of tshark? My understanding of the syntax
above would be that it should just output a list of all the BSSIDs in the
capture, and then I'm just piping it to uniq to filter out duplicates.

Maybe try something like this?

tshark -n -Y wlan.bssid -T fields -e wlan.bssid -r capture.pcapng | sort -u

- Chris



___________________________________________________________________________
Sent via:    Wireshark-users mailing list <wireshark-users () wireshark org>
Archives:    https://www.wireshark.org/lists/wireshark-users
Unsubscribe: https://wireshark.org/mailman/options/wireshark-users
             mailto:wireshark-users-request () wireshark org?subject=unsubscribe