This is our old Q&A Site. Please post any new questions and answers at

Hi, I'm using a Windows 10 laptop with performance monitor and see occasional network spikes. Is there a WireShark filter I can use to see what's using the bandwidth? It'd be ideal to be able to identify that 50% of all packets are related to application X or going to IP


asked 16 Nov '16, 03:39

aetius's gravatar image

accept rate: 0%

Have you tried to use Statistics -> Conversations and sort the lines by Packets or Bytes, A->B or B->A, by clicking the header of the respective column?

Wireshark won't tell you which application is responsible for a particular traffic; for that, other tools exist in Windows (I don't remember the name of the one you need in particular, sorry). Indirectly, you can identify applications by the port used at server side.

permanent link

answered 16 Nov '16, 03:50

sindy's gravatar image

accept rate: 24%

Thanks, I'll give that a go

(16 Nov '16, 04:11) aetius

use "netstat -ano" to view all active and listening sockets along with the PID using that socket. Then use "Task Manager" to view the PID and associated application or service.

(16 Nov '16, 15:46) Rooster_50
Your answer
toggle preview

Follow this question

By Email:

Once you sign in you will be able to subscribe for any updates here



Answers and Comments

Markdown Basics

  • *italic* or _italic_
  • **bold** or __bold__
  • link:[text]( "title")
  • image?![alt text](/path/img.jpg "title")
  • numbered list: 1. Foo 2. Bar
  • to add a line break simply add two spaces to where you would like the new line to be.
  • basic HTML tags are also supported

Question tags:


question asked: 16 Nov '16, 03:39

question was seen: 1,173 times

last updated: 16 Nov '16, 15:46

p​o​w​e​r​e​d by O​S​Q​A