programmatically controlled Wireshark

[Ola Liljedahl <ola.liljedahl () enea com>]

We have tools for analyzing and displaying logs and these logs may refer 
to captured
packets (the log may actually contain the packets but we do not intend 
to write 10000
dissectors for our log analyzer when Wireshark already does this). We 
indent to save
those captured packets to a file in the pcap format and then launch 
Wireshark for
analyzing and viewing the packets.

I wonder if there is any programmatic interface for controlling 
Wireshark so that it
can load different capture files and jump to specific packets (perhaps 
identified by
time stamp) in the capture as commanded by another program. Maybe 
Wireshark could listen
to a TCP port to which you can connect and send commands. Or maybe some 
more standardized
IPC mechanism.

I scanned through the User's Guide but could not find anything similar 
to what we want
to do.

Thanks,

 Ola Liljedahl


___________________________________________________________________________
Sent via:    Wireshark-users mailing list <wireshark-users () wireshark org>
Archives:    http://www.wireshark.org/lists/wireshark-users
Unsubscribe: https://wireshark.org/mailman/options/wireshark-users
             mailto:wireshark-users-request () wireshark org?subject=unsubscribe