![]() The display filter (which is much more powerful and complex) will permit to search exactly the data we want. If we change our mind, we can always change the filters set to select other set of packages (but remember that we can't this way select packages rejected by first type of filters - the capture filters). Simply speaking, display filters narrow packet set from what has been recorded to what interests us now. They can be modified while data is captured. Display filters: Used to search inside the captured logs.The capture filter is used as a first large filter to limit the size of captured data to avoid generating a log too big. Simply speaking, capture filters select the data to be saved and irrevocably throws other away. There is no method to get information filtered out by this filters. They are defined before starting the capture. Capture filters: Used to select the data to record in the logs.This is the place and time when filter are handy - they will help us to target, in the prolific logs, the data we are looking for. Too much information hides the important information. Remember to keep things simple and do no more than you have. When we launch Wireshark in reach network environment we will be flooded with information unless settings are different then default. Status bar Just a status bar with some statistic and general information.With this only ascii strings are visible and human readable. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |