How to only capture http info (not just filter)

In practical terms, it means a capture filter like tcp port 80 if the http traffic you are after uses the default port at server side. If it uses other ports, let the capture filter allow packets to/from these tcp ports in as well. However, if you do not know in advance which ports are used, you'd be better off with capturing everything (or at least all tcp packets) using a ring buffer of files in tshark, and then analyze the result files one by one using Wireshark. After the initial analysis, you may filter parts of a single tcp stream from several such files into new files and merge the new ones together to have the whole tcp session in a single file.

The problem i have is that is sniffing wireless traffic, if i use port filtering it doesn't capture the handshake and im not getting any data. is there anything else i can do? if i leave it for more than half an hour the files get really large and almost crash my system

is there anything else i can do?

Can you move to wired capture? With encrypted wireless, you will only be able to single out data or qos-data frames until you perform the decryption step. Plus you can't be 100% sure you will always be able to decrypt - there is a non-zero probability that you will have packet loss so you may miss one or more EAPOL frames, and not be able to decrypt for that session (until the next session timeout occurs or whatever).

I would work really hard to move to wired capture mechanism and use a capture filter as @sindy suggested.

Also Wireshark should NOT be your long term capture solution. Due to the ever-increasing memory consumption, it's the wrong tool. Look at dumpcap, tcpdump, or windump for long term capture. I limit my wireless capture files to 200MB, and post process with various tshark commands to strip out things that I may want.