Analyzing network traffic with Tshark


The Tshark analyzer is a simple, command-line tool for monitoring and analyzing data streams. Tshark filters out individual protocols from the array of packages with just a few simple steps.

Tshark is easy to use and learn, and, like its GUI-based counterpart Wireshark, it works well on a small scale. However, sooner or later, Tshark will impair system performance if you need to collect large volumes of data. See the Wireshark wiki [14] for some tips on mitigating any performance slumps that occur when you are using Wireshark or Tshark.

The Author

Valentin Höbel works as a Cloud architect for the VoIP specialists NFON AG in Munich. When he is not playing table football in his spare time, you will find him investigating current open source technologies.

Buy this article as PDF

Express-Checkout as PDF
Price $2.95
(incl. VAT)

Buy Linux Magazine

Get it on Google Play

US / Canada

Get it on Google Play

UK / Australia

Related content

  • Capture File Filtering with Wireshark

    Wireshark doesn’t just work in real time. If you save a history of network activity in a pcap file using a tool such as tcpdump, you can filter the data with Wireshark to search for evidence.

  • Security Lessons

    Building a network flight recorder with Wireshark.

  • Core Technologies

    Learn what's going on in your network, using Linux and its arsenal of packet capture tools.

  • FOSSPicks

    This month's FOSSPicks was nearly lost in a stream of AES-256 noise, as Graham struggled to get his encrypted Linux installation (using LUKS) to live alongside an encrypted macOS installation (using APFS).

  • Wireshark

    If you know your way around network protocols, you can get to the source of a problem quickly with Wireshark.

comments powered by Disqus
Subscribe to our Linux Newsletters
Find Linux and Open Source Jobs
Subscribe to our ADMIN Newsletters

Support Our Work

Linux Magazine content is made possible with support from readers like you. Please consider contributing when you’ve found an article to be beneficial.

Learn More