After writing a bunch of articles, I started to recognize a trend. I was writing about what I knew best: Networking generally and Wireshark specifically. I moved the content to tshark.dev and organized it visually.

Most Wireshark documentation focuses on the GUI. In its many forms, it spans 2 Wireshark guides, 2 Wireshark forums, manpages, developer email chains, the actual source code, etc. That is not to say the existing documentation is not good. You will probably find what you are looking for eventually.

tshark.dev provides a unified and intuitive UI docs for working with packet captures on the CLI. The focus is on doing everything in the CLI because that is an interface your scripts and programs can use. Examples primarily use bash, with some examples in python and ruby. Programs such as Termshark and PyShark do novel things by leveraging tshark. You can too by using this guide!

tshark.dev screenshot