Huge thanks to our Platinum Members Endace and LiveAction,
and our Silver Member Veeam, for supporting the Wireshark Foundation and project.
Wireshark logo

Wireshark-users: Re: [Wireshark-users] Packet capture on one IP address?

Date Prev · Date Next · Thread Prev · Thread Next
Date Index · Thread Index · Other Months · All Mailing Lists
From: j.snelders@xxxxxxxxxx
Date: Thu, 12 Mar 2009 21:54:46 +0100
Hi Shannon,

Or you can take a look at Statistics -> Conversations or Statistics -> Endpoints.
You can sort by clicking on the column headers, for instance Packets, Bytes.
You can also apply display filters by right-clicking on a conversation.
See the User's Guide for more information:
http://www.wireshark.org/docs/wsug_html_chunked/ChStatConversations.html
http://www.wireshark.org/docs/wsug_html_chunked/ChStatEndpoints.html#ChStatEndpointsWindow

Regards
Joan

On Thu, 12 Mar 2009 10:10:51 -0700 (PDT) Wes wrote:
>
>The easiest way is to put:
>
>ip.addr == xx.xx.xx.xx
>
>into the display filter where xx.xx.xx.xx is the IP address of interest.
>
>Wes
>
>
>--- On Thu, 3/12/09, Shannon Adams <shannon_adams68@xxxxxxxxx> wrote:
>
>> From: Shannon Adams <shannon_adams68@xxxxxxxxx>
>> Subject: [Wireshark-users] Packet capture on one IP address?
>> To: wireshark-users@xxxxxxxxxxxxx
>> Date: Thursday, March 12, 2009, 12:19 PM
>> Thanks to all who helped me with the question below.  If I
>> see one IP address is a "top talker", how do I
>> zone in on that one IP and see what they are doing?  I have
>> tried creating filters by IP and haven't had much luck. 
>> Thanks for any help.
>> 
>> 
>> 
>> ----- Original Message ----
>> From: Shannon Adams <shannon_adams68@xxxxxxxxx>
>> To: wireshark-users@xxxxxxxxxxxxx
>> Sent: Thursday, March 12, 2009 9:09:01 AM
>> Subject: "Top Talkers" using Wireshark?
>> 
>> I have been reviewing the Network Instruments Observer
>> product and the most useful feature for me is the "Top
>> Talkers" screen.  I can start a packet capture and sort
>> by total bytes or packets.  
>> 
>> I just discovered and installed Wireshark this morning, but
>> I cannot seem to locate a "Top Talkers" type tool.
>>  If I it has that, it would save me a small fortune in
>> having to purchase a license for Network Observer.  Does
>> Wireshark have this feature?  If so, can someone please lead
>> me in the right direction on how to use it?
>> 
>> Thanks in advance,
>> Shannon
>> 
>> 
>>       
>> ___________________________________________________________________________
>> Sent via:    Wireshark-users mailing list
>> <wireshark-users@xxxxxxxxxxxxx>
>> Archives:    http://www.wireshark.org/lists/wireshark-users
>> Unsubscribe:
>> https://wireshark.org/mailman/options/wireshark-users
>>             
>> mailto:wireshark-users-request@xxxxxxxxxxxxx?subject=unsubscribe
>
>
>      
>___________________________________________________________________________
>Sent via:    Wireshark-users mailing list <wireshark-users@xxxxxxxxxxxxx>
>Archives:    http://www.wireshark.org/lists/wireshark-users
>Unsubscribe: https://wireshark.org/mailman/options/wireshark-users
>             mailto:wireshark-users-request@xxxxxxxxxxxxx?subject=unsubscribe
Wireshark logo footer

© Wireshark Foundation · Privacy Policy

Facebook·Mastodon·Twitter·YouTube