New to Wireshark; not to Windows (25+ years as an admin). Just downloaded Version 2.2.0 (v2.2.0-0-g5368c50 from master-2.2), installed on Windows 7 64-bit. The opening screen of Wireshark is not what I expected, nor what I see in online demos or tutorials. It's a pretty spartan screen with a blue rectangle stating "Welcome to Wireshark"; followed by the title "Capture"; then a line stating: ... using this filter: [box to enter a capture filter]; then next line: Wireless Network Connection, then next line: Local ARea Connection; then next line: Wireless Network Connection 2; then next line: Cisco remote capture; then next line: Random packet generator; then last line of: SSH remote capture. So how do I launch Wireshark and get the proper opening screen??? asked 10 Sep '16, 11:34 Watcher28 |
One Answer:
Wireshark is constantly evolving and the screen you can see is the state-of-the art one while the tutorials you refer to have been created some time ago. The documentation updates also focus more at functionality than at the user interface layout. The current opening screen takes you right where you want to be - if you want to analyse an existing file, you are likely to double-click the file. If you open Wireshark directly instead, you are supposed to be going to start capturing, which is exactly what the opening screen offers you. If you do nothing but double-click one of the lines representing capture sources (mostly network interfaces), you start capturing from that source straight away. It is true that the relationship between the capture filter field and the capture source is not really self-explaining but you'll get used to it. This Answer to an older Question describes how it works. answered 10 Sep '16, 11:52 sindy edited 10 Sep '16, 12:13 |