Hugo van der Kooij

Wireshark profile for `fw monitor`

Discussion created by Hugo van der Kooij on Oct 20, 2017
Latest reply on Oct 22, 2017 by ofirsea040d26-f1f2-3b12-9fc6-5c89debaf56c

I wrote a Wireshark profile to help you with reading `fw monitor` files.

I wrote a Dutch description on Wireshark Profiles, and I guess the screenshots will be sufficient help to get started for those not savvy in Dutch ;-)

The Short English Version:

  1. Create a dummy personal profile (name it whatever you like).
  2. In Wireshark, go to Help => Folders and then proceed to your Personal Configuration directory.
  3. Put the ZIP file in the Profiles directory and unpack it.
  4. Now you have your own Check Point profile that has coloring rules and some other smart things.

Feel free to mention any smart tricks with Wireshark you use to speed up reading `fw monitor` files.

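The unpack step from the post, as an added example that is not part of the original post or the attached profile: a check that a downloaded profile ZIP contains only one profile directory with expected Wireshark profile files before it is extracted into the Profiles directory. The single-directory layout, the `ALLOWED_FILES` list and the size limit are assumptions to adjust for the archive you actually receive.

```python
import io
import zipfile
from pathlib import Path, PurePosixPath

# Assumption: file names a Wireshark profile directory normally holds; adjust as needed.
ALLOWED_FILES = {"preferences", "colorfilters", "dfilters", "cfilters", "recent",
                 "decode_as_entries", "disabled_protos", "io_graphs"}
MAX_BYTES = 1_000_000  # constructed limit; profile files are small text files


def check_profile_zip(zf: zipfile.ZipFile) -> list[str]:
    """Return a list of problems; an empty list means the archive looks like one profile."""
    problems, top_dirs = [], set()
    for info in zf.infolist():
        path = PurePosixPath(info.filename.replace("\\", "/"))
        if path.is_absolute() or ".." in path.parts or ":" in info.filename:
            problems.append(f"path escapes target: {info.filename}")
            continue
        top_dirs.add(path.parts[0])
        if info.is_dir():
            continue
        if len(path.parts) != 2 or path.name not in ALLOWED_FILES:
            problems.append(f"unexpected file: {info.filename}")
        if info.file_size > MAX_BYTES:
            problems.append(f"oversized file: {info.filename}")
    if len(top_dirs) != 1:
        problems.append(f"expected one profile directory, found {sorted(top_dirs)}")
    return problems


def install_profile(zip_bytes: bytes, profiles_dir: Path) -> list[str]:
    """Unpack into profiles_dir only if every entry passes; return the problems found."""
    with zipfile.ZipFile(io.BytesIO(zip_bytes)) as zf:
        problems = check_profile_zip(zf)
        if not problems:
            zf.extractall(profiles_dir)
    return problems


def make_zip(entries: dict[str, str]) -> bytes:
    """Build a constructed sample archive in memory."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        for name, text in entries.items():
            zf.writestr(name, text)
    return buf.getvalue()
```

Pass `install_profile` the bytes of the downloaded ZIP and the `profiles` folder shown under Help => Folders; nothing is written if any entry is rejected.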