Filter by process/PID in Wireshark

wireshark
Ryan Fernandes picture Ryan Fernandes · Aug 27, 2009 · Viewed 151.9k times · Source

Is there a way to filter/follow a TCP/SSL stream based on a particular process ID using Wireshark?

Answer

Sreejith Menon picture Sreejith Menon · May 4, 2010

Just in case you are looking for an alternate way and the environment you use is Windows, Microsoft's Network Monitor 3.3 is a good choice. It has the process name column. You easily add it to a filter using the context menu and apply the filter.. As usual the GUI is very intuitive...

Related questions

How to filter by IP address in Wireshark?

I tried dst==192.168.1.101 but only get : Neither "dst" nor "192.168.1.101" are field or protocol names. The following display filter isn't a valid display filter: dst==192.168.1.101

Read More
Capturing mobile phone traffic on Wireshark

How can I capture mobile phone traffic on Wireshark?

Read More
Wireshark localhost traffic capture

I wrote a simple server app in C which runs on localhost. How to capture localhost traffic using Wireshark?

Read More