Wireshark capture from remote tcpdump via ssh

So, tcpdump is nice, but it’s hard to look through all the output in the console, filter it, and so on. Here’s how I managed to analyze it in Wireshark:

wireshark -k -i <(ssh user@host -p port tcpdump -s0 -U -n -w - -i interface 'filter')
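
The one-liner above wrapped as a small script. This is an added example, not part of the original post, and the function names are hypothetical. It assumes the capture interface may also carry the SSH session, so it always prepends "not tcp port <ssh port>" to the filter, and it uses the pipe form (wireshark -k -i -) instead of <(...) so it also runs in plain sh.

```shell
#!/bin/sh
# Added example: helper functions around the remote tcpdump -> Wireshark pipe.

# Build the BPF filter. The SSH port is always excluded: if the capture
# interface carries the SSH session, tcpdump would otherwise capture the
# packets that transport its own output, and the stream feeds on itself.
# Note this also hides any other traffic on that port.
build_filter() {   # usage: build_filter ssh_port [extra_bpf_filter]
    case $1 in ''|*[!0-9]*) echo "bad ssh port: $1" >&2; return 1 ;; esac
    if [ -n "${2:-}" ]; then
        printf 'not tcp port %s and (%s)' "$1" "$2"
    else
        printf 'not tcp port %s' "$1"
    fi
}

# Single-quote a string for the remote shell. ssh joins its arguments and the
# remote shell re-parses them, so parentheses in a BPF filter must be quoted.
sq() { printf "'%s'" "$(printf '%s' "$1" | sed "s/'/'\\\\''/g")"; }

# Compose the remote command line:
#   -s0 full packets, -U flush per packet, -n no name lookups, -w - pcap to stdout
remote_cmd() {     # usage: remote_cmd interface bpf_filter
    case $1 in
        ''|*[!A-Za-z0-9_.:-]*) echo "bad interface: $1" >&2; return 1 ;;
    esac
    printf 'tcpdump -s0 -U -n -w - -i %s %s' "$1" "$(sq "$2")"
}

# Run the capture. wireshark -k starts capturing at once; -i - reads stdin.
start_capture() {  # usage: start_capture user@host ssh_port interface [filter]
    sc_filter=$(build_filter "$2" "${4:-}") || return 1
    sc_cmd=$(remote_cmd "$3" "$sc_filter") || return 1
    ssh -p "$2" "$1" "$sc_cmd" | wireshark -k -i -
}

# Example call (placeholder values):
#   start_capture user@host 22 eth0 'port 80'
```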
