How can i use the tshark
utility to download a list of protocols
from a .pcap
file? Only protocols
are needed.
I am not sure if this is the fastest way but should output what you need.
The following line will output a CSV file
tshark -r file.pcap -E header=y -E separator=, -T fields -e frame.protocols > file.csv
And then you can use the following Python code
import pandas as pd
df = pd.read_csv('file.csv')
new = df["frame.protocols"].str.split(":",expand = True)
pd.value_counts(new.values.ravel())
You can see the number of occurrences of each protocol.
P.S. Ignore eth and ethertype