I don't know how to do it with TNS. but you can do something like this using tshark, for example to look at http requests.

我不知道如何用 TNS 做到这一点。但是您可以使用 tshark 执行类似操作，例如查看 http 请求。

tshark -T fields -e http.request.uri

tshark -T fields -e http.request.uri

So if you can look at the options in the TNS decoder, you should be able to grab that field and redirect the output to a file.

因此，如果您可以查看 TNS 解码器中的选项，您应该能够获取该字段并将输出重定向到文件。

Finally found away to do this. First, use tshark capturing tns packets:

终于找到了做这个。首先使用tshark抓tns包：

tshark -R tcp.port==1521 -T fields -e data.data -d tcp.port==1521,tns > input.txt

Then you could use home brew Ruby script below to transform from bytes to text:

然后您可以使用下面的自制 Ruby 脚本将字节转换为文本：

file = ARGV[0]
print_all = ARGV[1]

File.open(file, "r").each {|line|
  line.gsub(",", ":").split(':').each {|byte|
    chr = Integer('0x' + byte).chr
    print chr if ((' '..'~').include?(chr) or chr == "\n") or (print_all.downcase == 'all' if print_all)
  } if !line.chomp.empty?
}

Examples are:

例子是：

encode.rb input.txt > output.txt

will export printable text only from input to output

将仅从输入导出可打印文本到输出

encode.rb input.txt  all > output.txt

will export all text from input to output

将所有文本从输入导出到输出

An easy way of looking at them all that has worked for me is just Right Click -> Follow TCP Stream.

查看所有对我有用的简单方法就是Right Click -> Follow TCP Stream.

A note: unprintable characters are displayed as .s. If there are a bunch of these interspersed between all the text you want to extract (as there was for me), switch it to ASCII, save it and open it in your favourite text editor (vim for me), then run a search and replace similar to /\.//g.

注意：不可打印的字符显示为.s。如果在您要提取的所有文本之间散布着一堆这些（就像我一样），请将其切换到ASCII，保存并在您最喜欢的文本编辑器（对我而言是 vim）中打开它，然后运行搜索并替换类似于/\.//g.