#!/usr/bin/python
#
# Sigma Control API DUT (helpers for calling tshark)
# Copyright (c) 2014, Qualcomm Atheros, Inc.
# All Rights Reserved.
# Licensed under the Clear BSD license. See README for more details.
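def tshark_fieldnames():
    """Load the Sigma-name to tshark-name field mapping.

    Reads ``sniffer-tshark-fields.txt``, which holds one mapping per line
    as two tab-separated columns: the Sigma name, then the tshark name.
    Blank lines are ignored.

    Returns:
        dict keyed by the lower-cased Sigma name, with the tshark name as
        the value. If a Sigma name occurs more than once, the last line
        wins.

    Raises:
        IOError/OSError: the mapping file cannot be opened.
        ValueError: a non-blank line does not have exactly two columns.
    """
    # NOTE(review): the path is relative to the current working directory,
    # so the mapping that gets loaded depends on where the process was
    # started. The values are returned unvalidated; presumably callers hand
    # them to tshark, so confirm they are passed as argument-list items and
    # never interpolated into a shell string.
    path = "sniffer-tshark-fields.txt"
    fields = {}
    with open(path, "r") as f:
        for lineno, line in enumerate(f.read().splitlines(), 1):
            if not line.strip():
                # A stray empty line should not abort loading the table.
                continue
            columns = line.split('\t')
            if len(columns) != 2:
                # Same exception type as the bare unpack raised, but the
                # message names the file and line at fault.
                raise ValueError(
                    "%s:%d: expected 2 tab-separated columns, got %d"
                    % (path, lineno, len(columns)))
            sigma_name, tshark_name = columns
            fields[sigma_name.lower()] = tshark_name
    return fields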
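def tshark_framenames():
    """Load the Sigma-name to tshark-name frame mapping.

    Reads ``sniffer-tshark-frames.txt``, which holds one mapping per line
    as two tab-separated columns: the Sigma name, then the tshark name.
    Blank lines are ignored.

    Returns:
        dict keyed by the lower-cased Sigma name, with the tshark name as
        the value. If a Sigma name occurs more than once, the last line
        wins.

    Raises:
        IOError/OSError: the mapping file cannot be opened.
        ValueError: a non-blank line does not have exactly two columns.
    """
    # NOTE(review): the path is relative to the current working directory,
    # so the mapping that gets loaded depends on where the process was
    # started. The values are returned unvalidated; presumably callers hand
    # them to tshark, so confirm they are passed as argument-list items and
    # never interpolated into a shell string.
    path = "sniffer-tshark-frames.txt"
    frames = {}
    with open(path, "r") as f:
        for lineno, line in enumerate(f.read().splitlines(), 1):
            if not line.strip():
                # A stray empty line should not abort loading the table.
                continue
            columns = line.split('\t')
            if len(columns) != 2:
                # Same exception type as the bare unpack raised, but the
                # message names the file and line at fault.
                raise ValueError(
                    "%s:%d: expected 2 tab-separated columns, got %d"
                    % (path, lineno, len(columns)))
            sigma_name, tshark_name = columns
            frames[sigma_name.lower()] = tshark_name
    return frames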
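def tshark_hasfields():
    """Load the name mapping stored in ``sniffer-tshark-hasfields.txt``.

    The file holds one mapping per line as two tab-separated columns: the
    Sigma name, then the tshark name. Blank lines are ignored.

    Returns:
        dict keyed by the lower-cased Sigma name, with the tshark name as
        the value. If a Sigma name occurs more than once, the last line
        wins.

    Raises:
        IOError/OSError: the mapping file cannot be opened.
        ValueError: a non-blank line does not have exactly two columns.
    """
    # NOTE(review): the path is relative to the current working directory,
    # so the mapping that gets loaded depends on where the process was
    # started. The values are returned unvalidated; presumably callers hand
    # them to tshark, so confirm they are passed as argument-list items and
    # never interpolated into a shell string.
    path = "sniffer-tshark-hasfields.txt"
    fields = {}
    with open(path, "r") as f:
        for lineno, line in enumerate(f.read().splitlines(), 1):
            if not line.strip():
                # A stray empty line should not abort loading the table.
                continue
            columns = line.split('\t')
            if len(columns) != 2:
                # Same exception type as the bare unpack raised, but the
                # message names the file and line at fault.
                raise ValueError(
                    "%s:%d: expected 2 tab-separated columns, got %d"
                    % (path, lineno, len(columns)))
            sigma_name, tshark_name = columns
            fields[sigma_name.lower()] = tshark_name
    return fields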