Wireshark mailing list archives
Re: Adding support to Wireshark for CSV, TSV and SSV data types
From: Guy Harris <guy () alum mit edu>
Date: Sun, 18 Jun 2017 20:01:05 -0700
On Jun 18, 2017, at 5:54 PM, Paul Offord <Paul.Offord () advance7 com> wrote:
Some time ago I wrote a program that reads Microsoft IIS web log files and converts them into PCAP-NG format. I then wrote a matching dissector to produce nice neat output. I want to rewrite it because: • The field names and data types are defined in the first record of the PCAP-NG file – this is how the dissector knows the layout of the file • Each data record is encapsulated in a dummy Ethernet frame and I want to eliminate this • I’d like to make it more general so that it can also deal with CSV, TSV and, later, variable format log records
Do you mean "deal with arbitrary CSV and TSV files" or "deal with IIS Web logs that are in CSV and TSV format"? And is there any reason not to just take the log file reading part of your code, make it into a libwiretap module that *directly* reads those files using a WTAP_ENCAP_IIS_LOG encapsulation, and write a dissector for WTAP_ENCAP_IIS_LOG? Note that this would require support for random access to the file when reading it. ___________________________________________________________________________ Sent via: Wireshark-dev mailing list <wireshark-dev () wireshark org> Archives: https://www.wireshark.org/lists/wireshark-dev Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-dev mailto:wireshark-dev-request () wireshark org?subject=unsubscribe
Current thread:
- Adding support to Wireshark for CSV, TSV and SSV data types Paul Offord (Jun 18)
- Re: Adding support to Wireshark for CSV, TSV and SSV data types Guy Harris (Jun 18)
- Re: Adding support to Wireshark for CSV, TSV and SSV data types Paul Offord (Jun 19)
- Re: Adding support to Wireshark for CSV, TSV and SSV data types Jaap Keuter (Jun 19)
- Re: Adding support to Wireshark for CSV, TSV and SSV data types Paul Offord (Jun 19)
- Re: Adding support to Wireshark for CSV, TSV and SSV data types Guy Harris (Jun 19)
- Re: Adding support to Wireshark for CSV, TSV and SSV data types Paul Offord (Jun 20)
- Re: Adding support to Wireshark for CSV, TSV and SSV data types Paul Offord (Jun 19)
- Re: Adding support to Wireshark for CSV, TSV and SSV data types Guy Harris (Jun 18)