Wireshark - How to filter only traffic from visual studio?

Question

Wireshark - How to filter only traffic from visual studio?

I am trying to use wirehark to find out why visual studio is not loading debugging symbols.

1) How to determine which of the addresses that I see in the wirehark capture is a visual studio?

2) How to filter, so I only see traffic froma and Visual Studio in the capture area?

My kindred question is about trying to figure out why visual studio doesn't load debugging symbols here - Debugging symbols don't load

+4

wireshark

Duncan gravill Mar 20 '12 at 16:41

source share

3 answers

You can set a capture filter only to display traffic from a specific TCP port, which you can point to the port where IIS runs. This choice is in the capture-> options menu in Wireshark. When you only capture traffic from one port, it is much easier to say who sends / receives each packet.

+2

javram Mar 20 '12 at 16:54

source share

Microsoft Message Filter seems to be a much more informative tool than Process Monitor, it can also filter the capture by processID, offering functionality near Vireshark. It is not as simple as Process Monitor (installation is ~ 60 Mb) and is owned (but free).

0

sunny moon 10 sept. '15 at 20:26

source share

rupello · Accepted Answer · 2012-03-23T00:32:53+0000

Process Monitor is a good easy tool to view the sockets that a process uses. You can filter the PID or .exe name (e.g. devenv.exe)

If you started Wireshark at the same time, you can then filter on the right sockets to perform a performance analysis.

enter image description here

Wireshark - How to filter only traffic from visual studio?

More articles: