Hi Community members
I would like to know if there is a way we can analyze Wireshark traces using N8N by just uploading the .pcap file and then asking queries on the IP or MAC conversations
hello @gsm.asad
n8n doesn’t have any Wireshark nodes. You can export the pcap file to JSON and then upload it to n8n
1 Like
Hi @gsm.asad,
n8n doesn’t have a built-in Wireshark node, and there are no community nodes for this either. However, you can still analyze your packet captures in n8n by converting the .pcap file to JSON beforehand, then processing it in a workflow.
Steps:
-
Convert your .pcap to JSON locally — On your machine (where Wireshark is already installed), run:
tshark -r capture.pcap -T json > capture.jsonYou can filter to just the fields you care about:
tshark -r capture.pcap -T json -j "ip eth tcp" > capture.jsonSee the tshark manual for all filtering options. Alternatively, in Wireshark’s GUI you can use File > Export Packet Dissections > As JSON.
-
Upload the JSON to n8n — Use a Webhook node to receive the file, or a Manual Trigger and paste the JSON directly.
-
Query your data — Use the Code node to filter by IP, MAC address, protocol, or any other field in the JSON.
1 Like
Thnx for the detailed reply
This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.