Re: SQL decode - report????

[Martin Visser <martinvisser99 () gmail com>]

Not knowing much about the TDS format, but in general any field that can be
used as a display filter you can separate out. In Wireshark you can create a
custom column (and then use this as the basis for printing.) In tshark you
can do the same with the "-T fields -e field" option.

Other than that you can dump the whole capture in a format such as PDML and
then with a SMOP[1] to parse and format, you can create your report

[1] SMOP - Simple Matter Of Programming ;-)

Regards, Martin

MartinVisser99 () gmail com


On Fri, Apr 23, 2010 at 12:34 PM, false <jctx09 () yahoo com> wrote:

> Thanks a ton to Bill and Martin for the previous responses on decoding SQL
> (TDS).
>
> My next question is.... is there a way to generate a report/file that shows
> only the ip source/destination addresses and ONLY the SQL commands that were
> executed?
>
> Thank you in advance...
>
>
> ___________________________________________________________________________
> Sent via:    Wireshark-users mailing list <wireshark-users () wireshark org>
> Archives:    http://www.wireshark.org/lists/wireshark-users
> Unsubscribe: https://wireshark.org/mailman/options/wireshark-users
>             mailto:wireshark-users-request () wireshark org
> ?subject=unsubscribe
___________________________________________________________________________
Sent via:    Wireshark-users mailing list <wireshark-users () wireshark org>
Archives:    http://www.wireshark.org/lists/wireshark-users
Unsubscribe: https://wireshark.org/mailman/options/wireshark-users
             mailto:wireshark-users-request () wireshark org?subject=unsubscribe