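A simple analysis of packet-capture data with Python
The Wireshark data
![Insert image description here](https://img-blog.csdnimg.cn/b3d096d929a6448faa555c5254ed10dd.png)
First, read one record to see what it looks like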
```python
import json

data_file = r'E:\download\data.json'
with open(data_file, 'r', encoding='utf8') as f:
    data_list = json.loads(f.read())
# Print the first packet record to inspect its structure
print(data_list[0])
```
View it with a JSON formatting tool
![Insert image description here](https://img-blog.csdnimg.cn/e3688e0b657a4359a0776edcc6c35bf0.png)
Complete code and final result
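```python
import json

data_file = r'E:\download\data.json'
output_file = r'E:\download\netflow.csv'

with open(data_file, 'r', encoding='utf8') as f:
    data_list = json.loads(f.read())

# Explicit encoding so the non-ASCII header is written the same way on any system locale
with open(output_file, 'w', encoding='utf8') as f:
    # Header columns: ID, source MAC, destination MAC, SIP, DIP, SPORT, destination port
    title = 'ID,源MAC,目的MAC,SIP,DIP,SPORT,目的端口\n'
    f.write(title)
    row_id = 0
    for data_item in data_list:
        row_id += 1
        try:
            # Packets without an eth/ip/tcp layer (ARP, UDP, ...) make .get() return None,
            # so the lookups live inside the try block and such packets are skipped.
            base_idx = data_item.get("_source").get("layers")
            srcmac = base_idx.get("eth").get("eth.src")
            dstmac = base_idx.get("eth").get("eth.dst")
            srcip = base_idx.get("ip").get("ip.src")
            dstip = base_idx.get("ip").get("ip.dst")
            srcport = base_idx.get("tcp").get("tcp.srcport")
            dstport = base_idx.get("tcp").get("tcp.dstport")
            f.write('%s,%s,%s,%s,%s,%s,%s\n' % (row_id, srcmac, dstmac, srcip, dstip, srcport, dstport))
        except Exception as e:
            print(e)
            continue
```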
![Insert image description here](https://img-blog.csdnimg.cn/7fee44e0135d4666a3c7f4d5a7e5194c.png)
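Going one step beyond the per-packet CSV above, the same JSON layout can be aggregated into per-flow packet counts. This is an added example, not code from the original post; the `SAMPLE` records are constructed, and the names `flow_key` and `summarize` are hypothetical.

```python
from collections import Counter

def pkt(layers):
    """Wrap a layers dict in the same _source/layers nesting the export uses."""
    return {"_source": {"layers": layers}}

ETH = {"eth.src": "00:11:22:33:44:55", "eth.dst": "66:77:88:99:aa:bb"}
# Constructed sample records (documentation IP ranges, not real capture data).
SAMPLE = [
    pkt({"eth": ETH, "ip": {"ip.src": "192.0.2.10", "ip.dst": "198.51.100.5"},
         "tcp": {"tcp.srcport": "50000", "tcp.dstport": "443"}}),
    pkt({"eth": ETH, "ip": {"ip.src": "192.0.2.10", "ip.dst": "198.51.100.5"},
         "tcp": {"tcp.srcport": "50000", "tcp.dstport": "443"}}),
    pkt({"eth": ETH, "ip": {"ip.src": "198.51.100.5", "ip.dst": "192.0.2.10"},
         "tcp": {"tcp.srcport": "443", "tcp.dstport": "50000"}}),
    pkt({"eth": ETH, "arp": {"arp.opcode": "1"}}),                # ARP: no ip/tcp layer
    pkt({"eth": ETH, "ip": {"ip.src": "192.0.2.10", "ip.dst": "192.0.2.1"},
         "udp": {"udp.srcport": "5353", "udp.dstport": "53"}}),   # UDP: no tcp layer
]

def flow_key(packet):
    """Return (src ip, src port, dst ip, dst port) for a TCP/IPv4 packet, else None."""
    layers = packet.get("_source", {}).get("layers", {})
    ip, tcp = layers.get("ip"), layers.get("tcp")
    if not isinstance(ip, dict) or not isinstance(tcp, dict):
        return None
    key = (ip.get("ip.src"), tcp.get("tcp.srcport"),
           ip.get("ip.dst"), tcp.get("tcp.dstport"))
    return None if None in key else key

def summarize(packets):
    """Count packets per directional flow, plus how many packets were skipped."""
    flows, skipped = Counter(), 0
    for packet in packets:
        key = flow_key(packet)
        if key is None:
            skipped += 1
        else:
            flows[key] += 1
    return flows, skipped

if __name__ == "__main__":
    flows, skipped = summarize(SAMPLE)
    for (sip, sport, dip, dport), count in flows.most_common():
        print(f"{sip}:{sport} -> {dip}:{dport} packets={count}")
    print("skipped (not TCP/IPv4):", skipped)
```

To run it on a real export, pass the `data_list` loaded from `data.json` to `summarize` instead of `SAMPLE`.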