tshark: improve -G elastic-mapping command by adding filters.

The generated elastic mapping file is huge and it can hassle softwares like Kibana. This change adds the ability to append desired filters that will appear in the mapping file. This change adds the option --elastic-mapping-filter <protocols> to tshark. Example: tshark -G elastic-mapping --elastic-mapping-filter ip,udp,dns make only those 3 protocols to appear in the mapping file. Change-Id: Ie2dcd6e44be2d084e8e50cd6554bd90178da4e38 Reviewed-on: https://code.wireshark.org/review/27001 Reviewed-by: Peter Wu <peter@lekensteyn.nl> Petri-Dish: Peter Wu <peter@lekensteyn.nl> Tested-by: Petri Dish Buildbot Reviewed-by: Dario Lombardo <lomato@gmail.com>
author: Dario Lombardo <lomato@gmail.com> 2018-04-19 13:58:43 +0200
committer: Dario Lombardo <lomato@gmail.com> 2018-04-19 15:54:47 +0000
commit: fc6b8ab698dc7af158620b52848fac9fae564199 (patch)
tree: 68daa0080b4143ef72e9db29e2b023a9db3c5829 /epan/proto.h
parent: ca45f88e3b6f79fa95a62d748fe155e3ea6db271 (diff)
1 files changed, 1 insertions, 1 deletions
diff --git a/epan/proto.h b/epan/proto.h
index d618a49e36..95c0fe8fcc 100644
--- a/epan/proto.h
+++ b/epan/proto.h
@@ -2455,7 +2455,7 @@ WS_DLL_PUBLIC void proto_registrar_dump_values(void);
 
 #ifdef HAVE_JSONGLIB
 /** Dumps a mapping file for loading tshark output into ElasticSearch */
-WS_DLL_PUBLIC void proto_registrar_dump_elastic(void);
+WS_DLL_PUBLIC void proto_registrar_dump_elastic(const gchar* filter);
 #endif
 
 /** Dumps the number of protocol and field registrations to STDOUT.
author	Dario Lombardo <lomato@gmail.com>	2018-04-19 13:58:43 +0200
committer	Dario Lombardo <lomato@gmail.com>	2018-04-19 15:54:47 +0000
commit	fc6b8ab698dc7af158620b52848fac9fae564199 (patch)
tree	68daa0080b4143ef72e9db29e2b023a9db3c5829 /epan/proto.h
parent	ca45f88e3b6f79fa95a62d748fe155e3ea6db271 (diff)