Search icon CANCEL
Arrow left icon
Explore Products
Best Sellers
New Releases
Books
Videos
Audiobooks
Learning Hub
Conferences
Free Learning
Arrow right icon
Arrow up icon
GO TO TOP
Network Analysis using Wireshark Cookbook

You're reading from   Network Analysis using Wireshark Cookbook This book will be a massive ally in troubleshooting your network using Wireshark, the world's most popular analyzer. Over 100 practical recipes provide a focus on real-life situations, helping you resolve your own individual issues.

Arrow left icon
Product type Paperback
Published in Dec 2013
Publisher Packt
ISBN-13 9781849517645
Length 452 pages
Edition 1st Edition
Arrow right icon
Author (1):
Arrow left icon
Yoram Orzach Yoram Orzach
Author Profile Icon Yoram Orzach
Yoram Orzach
Arrow right icon
View More author details
Toc

Table of Contents (17) Chapters Close

Preface 1. Introducing Wireshark FREE CHAPTER 2. Using Capture Filters 3. Using Display Filters 4. Using Basic Statistics Tools 5. Using Advanced Statistics Tools 6. Using the Expert Infos Window 7. Ethernet, LAN Switching, and Wireless LAN 8. ARP and IP Analysis 9. UDP/TCP Analysis 10. HTTP and DNS 11. Analyzing Enterprise Applications' Behavior 12. SIP, Multimedia, and IP Telephony 13. Troubleshooting Bandwidth and Delay Problems 14. Understanding Network Security A. Links, Tools, and Reading Index

Saving, printing, and exporting data

In this recipe we will talk about file operations such as save, export, print, and others.

Getting ready

Start Wireshark or open a saved file.

How to do it...

We can save a whole file, and export specific data in various formats and file types. In the following paragraphs we will see how to do it.

To save a whole file with captured data, perform the following steps:

  1. In the File menu, click on Save (or press Ctrl + S) for saving the file with its own name.
  2. In the File menu, click on Save as (or press Shift + Ctrl + S) for saving the file with a new name.

For saving a part of a file, for example, only the displayed data:

  1. Navigate to Export Specified Packets under the File menu. You will get the following window:
    How to do it...
  2. At the bottom-left side of the window, you will see that you can choose which part of the data you want to save.
  3. For saving all the captured data, select All packets and Captured.
  4. For saving only the displayed data, choose All packets and Displayed.
  5. For saving only selected packets from the file (a selected packet is simply a packet that you clicked on), choose Selected packet.
  6. For saving marked packets (that is, packets that were marked by right-clicking on it in the packet list window, and choosing the Marked packet toggle from the menu), choose Marked packet.
  7. For saving packets between two marked packets select the First to last marked option.
  8. For saving a range of packets, select Range and specify the range of packets you want to save.
  9. In the packet list window, you can manually choose to ignore a packet. In the Export window you can choose to ignore these packets and not save them.

In all the options mentioned, you can choose the packets from the entire captured file, or from the packets displayed on the screen (packets displayed on the packet list after a displayed filter has been applied).

Saving data in various formats

You can save the data captured by Wireshark in various formats, for further analysis with other tools.

You can save the file in the following formats:

  • Plain text (*.txt): export packet data into a plain text ASCII file.
  • PostScript (*.ps): export packet data into PostScript format.
  • Comma Separated Values: Packet Summary (*.csv): export packet summary into CSV file format, to use it with spreadsheet programs (such as Microsoft Excel).
  • C Arrays to Packet Bytes (*.c): export packet bytes into C-Arrays so that it can be imported by C programs.
  • PSML or XML Packet Summary (*.psml): export packet data into PSML, an XML-based format including only the packet summary. Further details about this format can be found at http://www.nbee.org/doku.php?id=netpdl:psml_specification.
  • PDML - XML Packet Details (*.pdml): export packet data into PDM, an XML-based format including the packet details. Further details about this format can be found at http://www.nbee.org/doku.php?id=netpdl:pdml_specification.

To save the file, select Export Packet Dissections from the File menu, and you will get the following window:

Saving data in various formats

In the preceding screenshot, in the marked box on the left-hand side, you choose the packets you want to save. The process is the same as in the previous recipe. In the marked box on the right-hand side, you choose the format of the file to be saved.

How to print data

In order to print data, click on the Print button from the File menu, and you will get the following window:

How to print data

In the Wireshark Print window, you have the following choices:

  • In the upper window, you choose the file format to be printed
  • In the lower-left window, you choose the packet to print (like in the Export window)
  • In the lower-right window, you choose the format of the printed data, and the data panes to print from the Wireshark window:
    • The Packet Summary pane
    • The Packet Details pane
    • The Packet Byte pane

How it works...

The data can be printed in a text format, postscript (for postscript-aware printers), or to a file. After configuring this window and clicking on print, the regular printing window will appear and you can choose the printer.

You have been reading a chapter from
Network Analysis using Wireshark Cookbook
Published in: Dec 2013
Publisher: Packt
ISBN-13: 9781849517645
Register for a free Packt account to unlock a world of extra content!
A free Packt account unlocks extra newsletters, articles, discounted offers, and much more. Start advancing your knowledge today.
Unlock this book and the full library FREE for 7 days
Get unlimited access to 7000+ expert-authored eBooks and videos courses covering every tech area you can think of
Renews at €18.99/month. Cancel anytime