# tshark
[tshark](https://www.wireshark.org/docs/man-pages/tshark.html) is for chomping information out of pcaps.

## snmp strings - pull the names and versions out into a simple list
```
tshark -r capture.pcap -Y "snmp" -T fields -e snmp.version -e snmp.community | sort | uniq
```
Notes:
* `0` indicates SNMPv1
* `1` indicates SNMPv2c