Imagotype-NetworkDataPedia (1)_edited.pn

NetworkDataPedia © 2018-2020  |  Editorial Team   |   Privacy Policies  |  Contact Us          Website built by DYCMarketing 

Wireshark Annotation

April 16, 2014

One of the toughest things to do when analyzing packets is documentation. 

I rely on my Tracefile Workbook to make notes when I need to reference a specific packet or event.

 

Wireshark added a pretty cool feature to help with this process. It is called the Annotation feature.  There are 2 different types of annotation; File and Packet. 

 

The File annotation allows you to make some notes regarding the trace file itself. A good example of items to note would be things like recording the test environment, use of span ports, what is being tested or finally a description of the issue.

 

The Packet annotation allows you to make notes within specific packets. For example you might want to make a note on the packet that caused the application error, or mark the packet that represents when the client clicked submit.

 

As I mentioned in the video, the key here is to make sure you use the proper file extension of pcapng to retain these notes.

 

Enjoy

 

 

 

Share on Facebook
Share on Twitter
Please reload

Sponsored By:

Viavi

Display_LoveMyTool_170x400.png
Recent Posts

November 12, 2019

Please reload