I am trying to pipe tshark output to awk . The tshark command works

Question

0

Asked: May 24, 20262026-05-24T10:57:32+00:00 2026-05-24T10:57:32+00:00

I am trying to pipe tshark output to awk . The tshark command works

0

I am trying to pipe tshark output to awk. The tshark command works fine on its own, and when piped to other programs such as cat, it works fine (real time printing of output). However, when piped to awk, it hangs and nothing happens.

sudo tshark -i eth0 -l -f "tcp" -R 'http.request.method=="GET"' -T fields -e ip.src -e ip.dst -e 
tcp.srcport -e tcp.dstport -e tcp.seq -e tcp.ack | awk '{printf("mz -A %s -B %s -tcp \"s=%s sp=%s 
dp=%s\"\n", $2, $1, $5, $4, $3)}'

Here is a simplier version:

sudo tshark -i eth0 -f "tcp" -R 'http.request.method=="GET"' | awk '{print $0}'

And to compare, the following works fine (although is not very useful):

sudo tshark -i eth0 -f "tcp" -R 'http.request.method=="GET"' | cat

Thanks in advance.

Report

Leave an answer
Cancel reply

You must login to add an answer.

Need An Account,

1 Answer

Editorial Team · Answer 1 · 2026-05-24T10:57:35+00:00

Editorial Team

2026-05-24T10:57:35+00:00Added an answer on May 24, 2026 at 10:57 am

Per our previous messages in comments, maybe it will work to force closing the input and emitting a linefeed.

sudo tshark -i eth0 -f "tcp" -R 'http.request.method=="GET"' ...... \
| {
    awk '{print $0}'
    printf "\n"
  }

Sign Up

Sign In

Forgot Password

The Archive Base Latest Questions

I am trying to pipe tshark output to awk . The tshark command works

Leave an answerCancel reply

1 Answer

Leave an answer
Cancel reply