Stop Capturing and Exporting Data - Administration
In the first part of this two-part series, you learned the network communication concepts you need to know to understand the operation and data provided by Wireshark. I also covered the installation steps and some very basic configuration. This part will delve more deeply into using Wireshark for analyzing your network.
Note that Wireshark will not stop capturing packets unless it has been told to stop. To stop capturing packets, go to Capture and click “Stop.”
Wireshark provides several ways to export files containing packet information to another file type suitable for processing. Exporting the live capture packets (such as those you saw in the previous screenshot) containing the data for the six basic columns to MS Excel is a bit challenging, because there is no direct export to MS Excel. There is, however, a .CSV export which we can use. But the .CSV export will give a distorted output when opened in MS Excel, since the values are comma-separated.
Working with captured packets is very important for an administrator monitoring traffic on the network. This can be done conveniently with MS Excel, since you can easily filter, sort and analyze information. However, the best approach that I found is using Open Office Calc (a program with features similar to MS Excel's). This is an open source spreadsheet application that can be easily downloaded.
Below are the detailed steps:
Step 1. Go to your Wireshark application, and then go to File -> Export -> File.
Step 2. Enter the file name.
Step 3. Under “Save as type,” select CSV.
Step 4. You can choose to export all packets or a selected range of packets under “Packet Range.” By default, all packets are exported.
Step 5. You can also customize the exported packet details under “Packet format.”
“As displayed” exports the packets to the spreadsheet as they are displayed in Wireshark.
“All collapsed” exports the packets to the spreadsheet with all details collapsed (no further details given).
“All expanded” exports all possible details of each packet, including the header and information.
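If you would rather process the exported file with a script than a spreadsheet, the following is an added example (not part of the original article) that reads the CSV with a quote-aware parser and summarizes it, and shows why splitting on every comma distorts the columns. It assumes the export carries the six basic columns with a header row and quoted fields; the sample rows and function names are constructed for illustration.

```python
import csv
import io
from collections import Counter

# Constructed sample in the shape of a CSV export of the six basic columns
# (an assumption); fields are quoted and the Info field can contain commas.
SAMPLE_EXPORT = '''"No.","Time","Source","Destination","Protocol","Info"
"1","0.000000","192.168.1.10","192.168.1.1","DNS","Standard query 0x1a2b A example.com"
"2","0.012345","192.168.1.10","93.184.216.34","TCP","51234 > 80 [SYN] Seq=0 Win=64240 Len=0"
"3","0.030112","93.184.216.34","192.168.1.10","TCP","80 > 51234 [SYN, ACK] Seq=0 Ack=1 Win=65535 Len=0"
"4","0.030250","192.168.1.10","93.184.216.34","TCP","51234 > 80 [ACK] Seq=1 Ack=1 Win=64240 Len=0"
"5","0.031002","192.168.1.10","93.184.216.34","HTTP","GET / HTTP/1.1"
'''

def naive_field_counts(text):
    """Split each line on every comma, ignoring the quoting."""
    return [len(line.split(",")) for line in text.splitlines() if line]

def load_packets(text):
    """Parse the export with a quote-aware reader; one dict per packet."""
    rows = list(csv.DictReader(io.StringIO(text)))
    for row in rows:
        if None in row:  # more fields than header columns: malformed line
            raise ValueError(f"unexpected extra fields in packet {row.get('No.')}")
    return rows

def summarize(packets):
    """Count packets per protocol and per (source, destination) pair."""
    by_protocol = Counter(p["Protocol"] for p in packets)
    by_pair = Counter((p["Source"], p["Destination"]) for p in packets)
    return by_protocol, by_pair

if __name__ == "__main__":
    # Packet 3 splits into 7 pieces instead of 6 because of "[SYN, ACK]".
    print("naive field counts:", naive_field_counts(SAMPLE_EXPORT))
    by_protocol, by_pair = summarize(load_packets(SAMPLE_EXPORT))
    print("packets per protocol:", by_protocol.most_common())
    for (src, dst), count in by_pair.most_common():
        print(f"{src} -> {dst}: {count}")
```

To run it against a real export, read the saved file's contents and pass them to load_packets in place of SAMPLE_EXPORT.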