Given a valid log file generated by Wireshark, a number of parameters are extracted for every frame. These parameters are: the frame number, the source and destination Layer 2 (MAC) addresses, the source and destination Layer 3 (IP) addresses, the Layer 4 (transport layer) protocol used, the Layer 7 (application layer) protocol used, any source and destination TCP or UDP ports used, as well as the presence and approximate position of each 3-way handshake and termination handshake. The appropriate parsed data is also output in tabulated format via .csv files.
On the Windows platform, ensure that the environment path for TShark is set (this should be the default installation path for Wireshark). Python 3 should also be installed on the system and have its environment path set properly. Afterwards, open either the Windows Command Prompt or Windows PowerShell and navigate to the directory that contains parse.py.
Run parse.py with either of the following commands (without the quotation marks):
python parse.py
python parse.py "fileName"
The above commands can also be run on macOS or Linux by specifying parse.py as the target file to run.
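The handshake detection mentioned in the first paragraph can be sketched as a small per-connection state machine that reports the first and last frame number of each 3-way handshake and each termination handshake. This is an added example, not code from parse.py; the Frame tuple, the find_handshakes function and the sample frames are constructed for illustration, and the per-frame fields are assumed to have been extracted already.

```python
from collections import namedtuple

FIN, SYN, RST, PSH, ACK = 0x01, 0x02, 0x04, 0x08, 0x10  # TCP flag bits
Frame = namedtuple("Frame", "number src sport dst dport flags")

# Constructed sample: one connection opened and closed, plus an unanswered SYN.
SAMPLE = [
    Frame(1, "10.0.0.5", 50000, "10.0.0.9", 80, SYN),
    Frame(2, "10.0.0.9", 80, "10.0.0.5", 50000, SYN | ACK),
    Frame(3, "10.0.0.5", 50000, "10.0.0.9", 80, ACK),
    Frame(4, "10.0.0.5", 50000, "10.0.0.9", 80, PSH | ACK),
    Frame(5, "10.0.0.9", 80, "10.0.0.5", 50000, ACK),
    Frame(6, "10.0.0.5", 50000, "10.0.0.9", 80, FIN | ACK),
    Frame(7, "10.0.0.9", 80, "10.0.0.5", 50000, FIN | ACK),
    Frame(8, "10.0.0.5", 50000, "10.0.0.9", 80, ACK),
    Frame(9, "10.0.0.7", 50001, "10.0.0.9", 22, SYN),
]

def find_handshakes(frames):
    """Return (opens, closes) as lists of (first_frame, last_frame) numbers."""
    opening, closing = {}, {}   # connection -> progress of a pending handshake
    opens, closes = [], []
    for f in frames:
        src, dst = (f.src, f.sport), (f.dst, f.dport)
        conn = frozenset((src, dst))            # same key for both directions
        syn, ack, fin = f.flags & SYN, f.flags & ACK, f.flags & FIN
        if f.flags & RST:                       # reset aborts anything pending
            opening.pop(conn, None)
            closing.pop(conn, None)
            continue
        if syn and not ack:                     # step 1: SYN from the initiator
            opening[conn] = [f.number, src, False]
        elif syn and ack and conn in opening and opening[conn][1] == dst:
            opening[conn][2] = True             # step 2: SYN-ACK from responder
        elif ack and conn in opening and opening[conn][2] and opening[conn][1] == src:
            opens.append((opening.pop(conn)[0], f.number))  # step 3: final ACK
        if fin:                                 # remember who has sent a FIN
            closing.setdefault(conn, [f.number, src, set()])[2].add(src)
        elif (ack and conn in closing and len(closing[conn][2]) == 2
              and closing[conn][1] == src):     # both sides sent FIN, last ACK
            closes.append((closing.pop(conn)[0], f.number))
    return opens, closes

if __name__ == "__main__":
    print(find_handshakes(SAMPLE))
```

The unanswered SYN in frame 9 produces no entry, which is the case to look for when reviewing a capture for half-open connection attempts.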