Wireshark: Quick tips

Do you want to learn some new tricks to make your Wireshark experience better? You have come to the right place. Let’s get going!

Protocol statistics + Apply as filter

To get a sense of the kind of traffic in a packet capture, you can use the protocol statistics window. To open it, go to Statistics > Protocol Hierarchy. If you see traffic that shouldn’t be there, right-click the protocol and choose Apply as Filter to zoom in and see what’s going on.

Saving and removing display filters

Display filters are one of the features you will use most often in Wireshark, so anything that makes working with them easier is great. You can save common filters as buttons for quick access: enter your filter, click ‘Save’, give it a name, and you are done!

You might also want to remove or rename some of your saved filters. To do that, go to Edit > Preferences > Filter Expressions.

Using time references

As you may know, you can view the time column in different formats; the most useful ones are ‘time since last packet’ and ‘time since start of capture’.

What if you wanted to know how much time passed between 2 specific packets that aren’t one after the other? That’s what time references are for! Select your starting packet and press Control + T. If it asks you to switch time format, say ‘yes’. The time column will then show the time elapsed since your reference packet.
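The same calculation done outside the GUI, as an added example that is not part of the original post: it reads packet timestamps from a classic pcap file and rebuilds the time column the way a time reference changes it. The function names and the sample capture are made up for illustration, and only little-endian, microsecond-resolution pcap is handled.

```python
import struct

PCAP_MAGIC_USEC = 0xA1B2C3D4  # classic pcap, microsecond timestamps

# Constructed sample: packet arrival times in microseconds since the epoch.
SAMPLE_TIMES = [1_700_000_000_000_000 + d
                for d in (0, 120_000, 450_000, 2_180_000, 2_200_000)]

def build_sample_pcap(times_usec):
    """Build a little-endian pcap holding one dummy 14-byte frame per timestamp."""
    out = struct.pack("<IHHiIII", PCAP_MAGIC_USEC, 2, 4, 0, 0, 65535, 1)
    for t in times_usec:
        frame = bytes(14)  # placeholder Ethernet header, contents irrelevant here
        out += struct.pack("<IIII", t // 1_000_000, t % 1_000_000,
                           len(frame), len(frame)) + frame
    return out

def read_timestamps(pcap):
    """Return each record's timestamp in microseconds since the epoch."""
    if len(pcap) < 24 or struct.unpack_from("<I", pcap, 0)[0] != PCAP_MAGIC_USEC:
        raise ValueError("only little-endian microsecond pcap is handled here")
    stamps, off = [], 24  # packet records start after the 24-byte global header
    while off + 16 <= len(pcap):
        sec, usec, incl_len, _orig_len = struct.unpack_from("<IIII", pcap, off)
        if off + 16 + incl_len > len(pcap):
            raise ValueError("truncated packet record")
        stamps.append(sec * 1_000_000 + usec)
        off += 16 + incl_len
    return stamps

def time_column(stamps, ref_frames=()):
    """Time column in seconds; ref_frames are 1-based frame numbers marked as references."""
    if not stamps:
        return []
    base, column = stamps[0], []  # without a reference, time runs from the first packet
    for number, ts in enumerate(stamps, start=1):
        if number in ref_frames:
            base = ts  # every later packet is now measured from this one
            column.append("*REF*")
        else:
            column.append(f"{(ts - base) / 1_000_000:.6f}")
    return column

if __name__ == "__main__":
    stamps = read_timestamps(build_sample_pcap(SAMPLE_TIMES))
    for number, shown in enumerate(time_column(stamps, ref_frames={3}), start=1):
        print(number, shown)
```

With frame 3 as the reference, frame 4 reads 1.730000: the gap between those two packets, regardless of what arrived in between. Frames before the reference keep their time since the start of the capture.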

Hope you found that useful. If you have any other cool Wireshark tips, please leave a comment :)