背景:先用wireshark抓数据帧,过滤自己需要的之后转换为json文件,然后使用jsoncpp工具解析,获取其中有用的数据,最后把数据写入到文件中,之后分析数据或根据数据画图。
我分析的json文件格式如下,是抓取的usb数据,我需要的是"usb.capdata"键值的数据,由于"23:80:45:80"是两个数据,并且是小端格式,这个数据应该是0823h和0845h,所以我我还需要做一些转换
c
{
"_index": "packets-2024-04-23",
"_type": "doc",
"_score": null,
"_source": {
"layers": {
"frame": {
"frame.section_number": "1",
"frame.interface_id": "0",
"frame.interface_id_tree": {
"frame.interface_name": "\\\\.\\USBPcap1",
"frame.interface_description": "USBPcap1"
},
"frame.encap_type": "152",
"frame.time": "Apr 23, 2024 17:07:55.755688000 中国标准时间",
"frame.offset_shift": "0.000000000",
"frame.time_epoch": "1713863275.755688000",
"frame.time_delta": "0.000135000",
"frame.time_delta_displayed": "0.000000000",
"frame.time_relative": "41.255565000",
"frame.number": "25",
"frame.len": "31",
"frame.cap_len": "31",
"frame.marked": "0",
"frame.ignored": "0",
"frame.protocols": "usb"
},
"usb": {
"usb.src": "1.12.1",
"usb.addr": "1.12.1",
"usb.dst": "host",
"usb.addr": "host",
"usb.usbpcap_header_len": "27",
"usb.irp_id": "0xffff9503afc4da20",
"usb.usbd_status": "0x00000000",
"usb.function": "0x0009",
"usb.irp_info": "0x01",
"usb.irp_info_tree": {
"usb.irp_info.reserved": "0x00",
"usb.irp_info.direction": "0x01"
},
"usb.bus_id": "1",
"usb.device_address": "12",
"usb.endpoint_address": "0x81",
"usb.endpoint_address_tree": {
"usb.endpoint_address.direction": "1",
"usb.endpoint_address.number": "1"
},
"usb.transfer_type": "0x03",
"usb.data_len": "4",
"usb.request_in": "23",
"usb.time": "0.000229000",
"usb.bInterfaceClass": "0x0a"
},
"usb.capdata": "23:80:45:80"
}
}
}代码如下
cpp
#include "json/json.h"
#include <fstream>
#include <iostream>
/**
* $g++ readFromStream.cpp -ljsoncpp -std=c++11 -o readFromStream
* $./readFromStream
*/
void readFileJson();
int main(int argc, char* argv[]) {
readFileJson();
return EXIT_SUCCESS;
}
void readFileJson() {
Json::Reader reader;
Json::Value root;
string ifilename, ofilename;
cout << "please input json file name:";
cin >> ifilename;
cout << "please input output file name:";
cin >> ofilename;
cout << "start~" << endl;
//从文件中读取,保证当前文件有json文件
ifstream in(ifilename, ios::binary);
if (!in.is_open()) {
cout << "Error opening file\n";
return;
}
if (reader.parse(in, root)) {
string usb_capdata; //usb原数据
ofstream rf; //数据输出句柄
const char* c1; // string转换数组原数据
char c2[5]; //截取翻转之后数据
int num; //转换为十进制
int strsize = root.size(); //一个数据帧是一组数据,这个也表示有多少个数据帧
rf.open(ofilename, ios::binary); //如果没有文件则创建
for (int i = 0; i < strsize; i++) {
usb_capdata = root[i]["_source"]["layers"]["usb.capdata"].asString();
c1 = usb_capdata.c_str(); //string转换为char型
//23:80:45:80
//第一个数据
c2[0] = c1[3];
c2[1] = c1[4];
c2[2] = c1[0];
c2[3] = c1[1];
c2[4] = '\0';
num = strtol(c2, NULL, 16); //转换为十进制
rf << num << ","; //写入文件
//第二个数据
c2[0] = c1[9];
c2[1] = c1[10];
c2[2] = c1[6];
c2[3] = c1[7];
c2[4] = '\0';
num = strtol(c2, NULL, 16);
rf << num << endl;
}
rf.close(); //关闭数据输出文件
cout << "Reading Complete!" << endl;
} else {
cout << "parse error\n" << endl;
}
in.close(); //关闭数据输入文件
system("pause");
}