FireBall used Ask the Experts™
Is there any body know how to get a tshark result in real time as

time    protocol    source ip    source port    destination ip    destination port   ttl  packet length   (packet's first 24 bit)
Watch Question

Do more with

Expert Office
EXPERT OFFICE® is a registered trademark of EXPERTS EXCHANGE®
Cloud Architect
The captured packets are buffered, if you want to flush the standard output after each packet you can use the "-l" (Little L as in loop). Regarding the other options I'd suggest to go over the different options of the tshark MAN here.

For example, for time you can use the "-t" option and one of its many suboptions (a|ad|adoy|d|dd|e|r|u|ud|udoy), for protocols you can use the "--O <protocols>" option... Etcc.

Is it something like this you're looking for?

Do more with

Expert Office
Submit tech questions to Ask the Experts™ at any time to receive solutions, advice, and new ideas from leading industry professionals.

Start 7-Day Free Trial