The PSML language is a very simple language that keeps the most important information related to a decoded packet (i.e. the summary view). PSML stands for Packet Summary Markup Language and it is strongly related to the NetPDL. This language is used by a NetPDL engine that understands the NetPDL Visualization Extension to create a summary view of each packet.

A summary view of a packet is an XML file that contains some of the most important information related to protocols and fields that are contained in one packet (e.g. the protocol names). The PSML specification is a way to organize this information and it lists all the packets contained in a capture file, detailing the most important information for any of them.

The PSML document is delimited by the <psml> and </psml> tags. This tag contains one <structure> element at the beginning, followed by a set of <packet> elements, which contains the decoded packets.

Both <structure> and <packet> do not have attributes. Vice versa, the <psml> element can have the following attributes:

An example of PSML document looks like:

  <psml>
    <structure>
      ...
    </structure>
    <packet>

      ...
    </packet>
    <packet>
      ...
    </packet>
    ...
  </psml>

The summary view of a packet is usually made up of several sections; for instance, a common form for the summary view is the following:

Table 1: example of a summary view of a capture network trace (containing four packets)

Each Section is devoted to a particular set of information, for example the network-related ones (e.g. the IP source and address, and more). The structure of the summary view is the list of sections that compose it. This list of sections is kept in the <structure> element, which includes a set of <section> elements, where each <section> defines the characteristics of a section of the summary view. <section> elements do not have neither child elements, nor attributes. An example of a summary view is the following:

  <structure>
    <section>N.</section> 
    <section>Time</section> 
    <section>Link Layer</section> 
    <section>Network</section> 
    <section>Transport</section> 
    <section>Application</section> 
  </structure>

In this example, the summary view is made up of six sections, whose names are the content of the element. For instance, these names can be used when showing the summary view as a column names (such as the column headers in the Table 1 example). Section names are derived from the sevel-layers IOS OSI model.

Each <packet> element must contain a number of <section> child elements, whose number is equal to the number of sections defined in the summary structure. For instance, in the example below, each <packet> will have six sections. An example of a packet (e.g. the first packet in the example in Table 1) looks like the following:

  <structure>
    <section>1</section> 
    <section>14:12:22.448</section> 
    <section>0080c7-cb439a => ffffff-ffffff</section> 
    <section></section> 
    <section></section> 
    <section>ARP Request: who has 130.192.16.17 tell 130.192.16.81</section> 
  </structure>

In case the packet does not have any information related to a given section, the <section> element must be present with a void content. Neither <packet> nor <section> have any attributes.

The relationship between NetPDL and PSML is rather simple. The summary view originates from the directives contained in the <showsumtemplate> element in the NetPDL visualization extension. For this element to be applied, the packet decoding has to be completed, i.e. Field Visualization Variables must be associated to all NetPDL fields.

The procedure for creating the summary view involves the execution of the directives present in the <showsumtemplate> NetPDL element, and coping the value of the required field/attributes from the NetPDL engine to the PSML document.

The XML schema definition of the PSML language can be found at the XSD Schema Page.

The license of the PSML language can be found at the Language License Page.