is there anyone who could sum up the packet colorization system in wireshark? My capture list is looking quite colourful, but I don't quite understand how the colorization scheme work. Thank you
Asked
Active
Viewed 184 times
1 Answers
1
For some people, Wireshark colouring rules make it easier for "interesting" traffic to pop out, making troubleshooting issues a bit easier.
Head into View > Coloring Rules to see which rules are configured. Packets which match the display filters configured will be coloured accordingly.
For example, if you have a Wireshark capture of a connection to a website, a simple display filter of http will show you only HTTP packets. If you wanted to have those HTTP packets have a yellow background, you could add a Colouring Rule with the same http filter and a colour of your choice.
Any display filter that you can think of could be used as a colouring rule.
Mark Riddell
- 1,143
- 1
- 7
- 11