Sorry, used the version for 1.8 - corrected.
tshark -nn -r big_honking_capture_file.pcap -Y "http.server == Apache || http.server == nginx" -T fields -e ip.src -e tcp.srcport -e ip.dst -e http.server -e http.location
Tshark to the rescue...
No comments:
Post a Comment