Wireshark Review

Valuable Features:

The best thing about Wireshark is the community/ecosystem. Answers are easy to find in either the documentation or on the wiki. Packet analysis is not for the weak at heart, but Wireshark makes it as painless as possible with profiles, extensive decodes (dissectors), expert system and filtering capability. I use it every day.

Best features to get started with:

Network Monitoring with Statistics>Endpoints - Who is talking?
Network Monitoring with Statistics>Conversations - Who is talking to who?
Application Monitoring with Statistics>Service Response Time - How fast did they get an Application layer response?
Visualization with Statistics>IO Graph - Can I see it all in a pretty picture?

Room for Improvement:

It is easy to get overwhelmed with the amount of data you are looking at. But that is true with any analysis tool. The best approach is to focus on a single process that interests you, follow its stream and walk through the packets until you understand what is happening. Then move on to learn the next thing. How do you eat an elephant? One "byte" at a time.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
1 Comment
Jean-Luc Labbé, Consultant

What about using a solution that would allow you to find trouble fast and apply effective vision and clarity to resolve the issue? thx.

15 May 14
