O'Reilly logo

Wireshark Revealed: Essential Skills for IT Professionals by Charit Mishra, Yoram Orzach, James H Baxter

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Configuring display filters

In order to configure display filters, you can choose one of the several options:

  • Choosing from the filters menus
  • Writing the syntax directly into the display filter window (while working with Wireshark; after a while this will become your favorite)
  • Choosing a parameter in the packet pane and defining it as a filter
  • Using tshark or wireshark with command line ; this will be discussed in Appendix

This chapter discusses the first three options.

Getting ready

In general, a display filter string takes the form of a series of primitive expressions connected by conjunctions (and, or, or something else) and optionally preceded by not:

[not] Expression [and|or] [not] Expression...

While Expression can be any filter expression, such ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required