running tshark command in windows batch file
I have written a batch file that runs a tshark command to filter fields from a wireshark pcap file and write them to a csv file. When i ran on the windows cmd CLI, i had to change the current working directory to the wireshark folder directory in the My Computer> Program Files, so i changed the current working directory in the batch file so that it would run the same way as i ran in the windows cmd CLI.
However, when i ran the below batch script, the output csv file was blank. How do i correct this batch script so that i can see the contents in the output csv file generated using wireshark's tshark command?
I wrote the batch file like this.
@echo off
set curr_dir=%cd%
chdir /D cd..
chdir /D cd..
chdir /D cd program files
chdir /D cd wireshark
tshark -T fields -n -r "C:UsersL33604DesktopSynFlood Sample.pcap" -E separator=, -e ip.src -e ip.dst > "C:UsersL33604Desktoplogcapture.txt"
batch wireshark
asked Apr 23 '12 at 3:01
misteryukumisteryuku
111
add a comment |
I have written a batch file that runs a tshark command to filter fields from a wireshark pcap file and write them to a csv file. When i ran on the windows cmd CLI, i had to change the current working directory to the wireshark folder directory in the My Computer> Program Files, so i changed the current working directory in the batch file so that it would run the same way as i ran in the windows cmd CLI.
However, when i ran the below batch script, the output csv file was blank. How do i correct this batch script so that i can see the contents in the output csv file generated using wireshark's tshark command?
I wrote the batch file like this.
@echo off
set curr_dir=%cd%
chdir /D cd..
chdir /D cd..
chdir /D cd program files
chdir /D cd wireshark
tshark -T fields -n -r "C:UsersL33604DesktopSynFlood Sample.pcap" -E separator=, -e ip.src -e ip.dst > "C:UsersL33604Desktoplogcapture.txt"
batch wireshark
asked Apr 23 '12 at 3:01
misteryukumisteryuku
111
add a comment |
I have written a batch file that runs a tshark command to filter fields from a wireshark pcap file and write them to a csv file. When i ran on the windows cmd CLI, i had to change the current working directory to the wireshark folder directory in the My Computer> Program Files, so i changed the current working directory in the batch file so that it would run the same way as i ran in the windows cmd CLI.
However, when i ran the below batch script, the output csv file was blank. How do i correct this batch script so that i can see the contents in the output csv file generated using wireshark's tshark command?
I wrote the batch file like this.
@echo off
set curr_dir=%cd%
chdir /D cd..
chdir /D cd..
chdir /D cd program files
chdir /D cd wireshark
tshark -T fields -n -r "C:UsersL33604DesktopSynFlood Sample.pcap" -E separator=, -e ip.src -e ip.dst > "C:UsersL33604Desktoplogcapture.txt"
batch wireshark
asked Apr 23 '12 at 3:01
misteryukumisteryuku
111
I have written a batch file that runs a tshark command to filter fields from a wireshark pcap file and write them to a csv file. When i ran on the windows cmd CLI, i had to change the current working directory to the wireshark folder directory in the My Computer> Program Files, so i changed the current working directory in the batch file so that it would run the same way as i ran in the windows cmd CLI.
However, when i ran the below batch script, the output csv file was blank. How do i correct this batch script so that i can see the contents in the output csv file generated using wireshark's tshark command?
I wrote the batch file like this.
@echo off
set curr_dir=%cd%
chdir /D cd..
chdir /D cd..
chdir /D cd program files
chdir /D cd wireshark
tshark -T fields -n -r "C:UsersL33604DesktopSynFlood Sample.pcap" -E separator=, -e ip.src -e ip.dst > "C:UsersL33604Desktoplogcapture.txt"
batch wireshark
batch wireshark
asked Apr 23 '12 at 3:01
misteryukumisteryuku
111
asked Apr 23 '12 at 3:01
misteryukumisteryuku
111
asked Apr 23 '12 at 3:01
misteryukumisteryuku
111
asked Apr 23 '12 at 3:01
misteryukumisteryuku
111
asked Apr 23 '12 at 3:01
misteryukumisteryuku
111
111
add a comment |
add a comment |
1 Answer
1
active
oldest
votes
Probably the problem is that you didnt enclose program files with quotes. The batch program wont properly handle a path or file name with a space unless you put quotes around it.
I did the following to your batch program, and it assumes that the Wireshark directory is on the C: drive and that the logcapture and synflood sample files are where you report they are:
@echo off
cd /d "c:program fileswireshark"
tshark -T fields -n -r "C:UsersL33604DesktopSynFlood Sample.pcap" -E separator=, -e ip.src -e ip.dst > "C:UsersL33604Desktoplogcapture.txt"
answered Apr 24 '12 at 0:27
RobWRobW
33614
add a comment |
Your Answer
StackExchange.ready(function() {
var channelOptions = {
tags: "".split(" "),
id: "3"
};
initTagRenderer("".split(" "), "".split(" "), channelOptions);
StackExchange.using("externalEditor", function() {
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled) {
StackExchange.using("snippets", function() {
createEditor();
});
}
else {
createEditor();
}
});
function createEditor() {
StackExchange.prepareEditor({
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: true,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: 10,
bindNavPrevention: true,
postfix: "",
imageUploader: {
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
},
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
});
}
});
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fsuperuser.com%2fquestions%2f415517%2frunning-tshark-command-in-windows-batch-file%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
1 Answer
1
active
oldest
votes
1 Answer
1
active
oldest
votes
active
oldest
votes
active
oldest
votes
Probably the problem is that you didnt enclose program files with quotes. The batch program wont properly handle a path or file name with a space unless you put quotes around it.
I did the following to your batch program, and it assumes that the Wireshark directory is on the C: drive and that the logcapture and synflood sample files are where you report they are:
@echo off
cd /d "c:program fileswireshark"
tshark -T fields -n -r "C:UsersL33604DesktopSynFlood Sample.pcap" -E separator=, -e ip.src -e ip.dst > "C:UsersL33604Desktoplogcapture.txt"
answered Apr 24 '12 at 0:27
RobWRobW
33614
add a comment |
Probably the problem is that you didnt enclose program files with quotes. The batch program wont properly handle a path or file name with a space unless you put quotes around it.
I did the following to your batch program, and it assumes that the Wireshark directory is on the C: drive and that the logcapture and synflood sample files are where you report they are:
@echo off
cd /d "c:program fileswireshark"
tshark -T fields -n -r "C:UsersL33604DesktopSynFlood Sample.pcap" -E separator=, -e ip.src -e ip.dst > "C:UsersL33604Desktoplogcapture.txt"
answered Apr 24 '12 at 0:27
RobWRobW
33614
add a comment |
Probably the problem is that you didnt enclose program files with quotes. The batch program wont properly handle a path or file name with a space unless you put quotes around it.
I did the following to your batch program, and it assumes that the Wireshark directory is on the C: drive and that the logcapture and synflood sample files are where you report they are:
@echo off
cd /d "c:program fileswireshark"
tshark -T fields -n -r "C:UsersL33604DesktopSynFlood Sample.pcap" -E separator=, -e ip.src -e ip.dst > "C:UsersL33604Desktoplogcapture.txt"
answered Apr 24 '12 at 0:27
RobWRobW
33614
Probably the problem is that you didnt enclose program files with quotes. The batch program wont properly handle a path or file name with a space unless you put quotes around it.
I did the following to your batch program, and it assumes that the Wireshark directory is on the C: drive and that the logcapture and synflood sample files are where you report they are:
@echo off
cd /d "c:program fileswireshark"
tshark -T fields -n -r "C:UsersL33604DesktopSynFlood Sample.pcap" -E separator=, -e ip.src -e ip.dst > "C:UsersL33604Desktoplogcapture.txt"
answered Apr 24 '12 at 0:27
RobWRobW
33614
answered Apr 24 '12 at 0:27
RobWRobW
33614
answered Apr 24 '12 at 0:27
RobWRobW
33614
answered Apr 24 '12 at 0:27
RobWRobW
33614
33614
add a comment |
add a comment |
Thanks for contributing an answer to Super User!
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fsuperuser.com%2fquestions%2f415517%2frunning-tshark-command-in-windows-batch-file%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
