This is our old Q&A Site. Please post any new questions and answers at

I'm using Wireshark 1.12.0 to analyze SNMP captures for timeouts. I have tried to examine Wireshark SNMP Display Filter Reference ( without much success in figuring out the correct filters.

Can someone please point me to how I can find out the answer to the following questions:

1). What is the Wireshark display filter to identify SNMP requests that take more than X seconds to respond to?

2). What is the Wireshark display filter to identify SNMP requests that do not have corresponding responses?

Your assistance is greatly appreciated, thank you in advance.

asked 22 Sep '14, 21:48

jasfoor's gravatar image

accept rate: 0%

edited 23 Sep '14, 05:39

I think you're out of luck, the SNMP dissector doesn't do any request\response tracking, so there's nothing to filter on.

You can probably achieve your requirements by some form of scripting, either internally in Wireshark using Lua or possibly MATE, or externally using the scripting technology of your choice to parse tshark output.

You could raise an enhancement request on the Wireshark Bugzilla to add request\response tracking to the SNMP dissector.

permanent link

answered 23 Sep '14, 06:28

grahamb's gravatar image

grahamb ♦
accept rate: 22%

Thanks for the input @grahamb.

(23 Sep '14, 07:46) jasfoor

I've given you all your reputation points back, to accept an answer simply click the checkmark icon next to the answer.

(24 Sep '14, 02:04) grahamb ♦
Your answer
toggle preview

Follow this question

By Email:

Once you sign in you will be able to subscribe for any updates here



Answers and Comments

Markdown Basics

  • *italic* or _italic_
  • **bold** or __bold__
  • link:[text]( "title")
  • image?![alt text](/path/img.jpg "title")
  • numbered list: 1. Foo 2. Bar
  • to add a line break simply add two spaces to where you would like the new line to be.
  • basic HTML tags are also supported

Question tags:


question asked: 22 Sep '14, 21:48

question was seen: 3,816 times

last updated: 24 Sep '14, 02:07

p​o​w​e​r​e​d by O​S​Q​A