From: Felix Fietkau <nbd@nbd.name>
Date: Tue, 21 Nov 2023 09:46:13 +0000 (+0100)
Subject: README: add wireshark info
X-Git-Url: http://git.openwrt.org/ubox.git?a=commitdiff_plain;h=a2301fa3b0c6c7914e059ceb875a6f3f6fe67954;p=project%2Fudebug.git

README: add wireshark info

Signed-off-by: Felix Fietkau <nbd@nbd.name>
---

diff --git a/README.md b/README.md
index 7f83280..5fad206 100644
--- a/README.md
+++ b/README.md
@@ -6,6 +6,13 @@ Through the CLI, you can either create snapshots of data with a specific duratio
 or stream data in real time. The data itself is stored in .pcapng files, which can
 contain a mix of packets and log messages.
 
+## Notes on using Wireshark
+
+In order to parse log messages in .pcapng files, you need to change the Wireshark
+configuration.
+Under `Preferences` -> `Protocols` -> `DLT_USER` -> `Encapsulations Table`,
+add an entry for `User 0 (DLT=147)` with Payload protocol `syslog`.
+
 ## libudebug C API
 
 #### `void udebug_init(struct udebug *ctx)`