Wireshark is the world’s foremost and widely-used network protocol analyzer. It lets you see what’s happening on your network at a microscopic level and is the de facto (and often de jure) standard across many commercial and non-profit enterprises, government agencies, and educational institutions. Wireshark development thrives thanks to the volunteer contributions of networking experts around the globe and is the continuation of a project started by Gerald Combs in 1998.
In the company I’m working for, it is used on a regular basis to analyse and debug long-running tcpdumps.
Though, we really use it as a viewer only.
Maybe, as we now have to support some Windows VMs as well, we might use it for actual captures in the future, though I doubt it, as those VMs’ purpose is not even close to the purpose of the machines where we usually have to do that kind of long-time capture.
Yeah, I used to use Wireshark (and under its prior name of Ethereal, or whatever it was) a lot, and less so nowadays as I do less network development, but it was super useful. tcpdump is also useful, but you need other tools to parse through it, lol.
I’ve used Wireshark at home and at work. At work it was very useful for analyzing a (relatively unique) network protocol for some older systems. You can extend it so that it recognizes different protocols and can break down the packets (so that our custom protocol stopped being a hex blob and became actual useful information). With that, we could do a lot of filtering in Wireshark to monitor things during test and development.
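The kind of extension the post above describes is a custom dissector. The following is an added example, not code from the poster or from the Wireshark project: a Wireshark Lua dissector for a hypothetical protocol called DEMOPROTO. The wire format (a 4-byte header of version, message type and big-endian payload length, followed by the payload), the message-type names, and the UDP port 5555 it registers on are all assumptions made for this example. The one thing a practitioner should take from it is the bounds checking: a dissector parses bytes an attacker may have put on the wire, so the declared length is checked against what was actually captured before it is used to index the buffer, and a mismatch is surfaced as expert info rather than a Lua error.

```lua
-- Added example: Wireshark Lua dissector for a hypothetical "DEMOPROTO".
-- The wire format below is an assumption made for this example:
--   byte 0      : version (uint8)
--   byte 1      : message type (uint8)
--   bytes 2..3  : payload length, big-endian (uint16)
--   bytes 4..   : payload
-- Put this file in the personal plugins folder (Help > About Wireshark > Folders)
-- or load it once with:  tshark -X lua_script:demoproto.lua -r capture.pcap

local demoproto = Proto("demoproto", "Demo Custom Protocol")

-- Assumed message-type names; used as the value string for the type field.
local msg_types = {
    [0x01] = "HELLO",
    [0x02] = "DATA",
    [0x03] = "ACK",
}

local f_version = ProtoField.uint8 ("demoproto.version", "Version",        base.DEC)
local f_type    = ProtoField.uint8 ("demoproto.type",    "Message Type",   base.HEX, msg_types)
local f_length  = ProtoField.uint16("demoproto.length",  "Payload Length", base.DEC)
local f_payload = ProtoField.bytes ("demoproto.payload", "Payload")

demoproto.fields = { f_version, f_type, f_length, f_payload }

-- Expert info for a length field that does not match the captured bytes.
-- Hostile or truncated input must not throw inside the dissector; flag it instead.
local e_bad_length = ProtoExpert.new("demoproto.expert.bad_length",
    "Declared payload length exceeds the bytes on the wire",
    expert.group.MALFORMED, expert.severity.ERROR)

demoproto.experts = { e_bad_length }

local HEADER_LEN = 4

function demoproto.dissector(buffer, pinfo, tree)
    local buf_len = buffer:len()

    -- Refuse to touch the header until we know it is fully present.
    if buf_len < HEADER_LEN then
        return 0
    end

    pinfo.cols.protocol = demoproto.name

    local subtree = tree:add(demoproto, buffer(), "Demo Custom Protocol")
    subtree:add(f_version, buffer(0, 1))
    subtree:add(f_type,    buffer(1, 1))
    subtree:add(f_length,  buffer(2, 2))

    local msg_type     = buffer(1, 1):uint()
    local declared_len = buffer(2, 2):uint()
    local available    = buf_len - HEADER_LEN

    pinfo.cols.info = string.format("%s len=%d",
        msg_types[msg_type] or string.format("type 0x%02x", msg_type),
        declared_len)

    if declared_len > available then
        -- Never index past the end of the TvbRange using an attacker-supplied
        -- length: show the bytes that exist and mark the packet as malformed.
        subtree:add_proto_expert_info(e_bad_length)
        if available > 0 then
            subtree:add(f_payload, buffer(HEADER_LEN, available))
        end
        return buf_len
    end

    if declared_len > 0 then
        subtree:add(f_payload, buffer(HEADER_LEN, declared_len))
    end
    return HEADER_LEN + declared_len
end

-- Assumed transport: UDP port 5555, chosen for this example only.
DissectorTable.get("udp.port"):add(5555, demoproto)
```

Once the script is loaded, the fields it declares become ordinary display-filter terms, so `demoproto.type == 0x02` or `demoproto.length > 512` works in the filter bar and in `tshark -Y`, which is the filtering the post describes. The length check is the part worth copying into any real dissector: the declared length comes straight from the packet, so it is the first thing a fuzzer or an adversary will set to something that disagrees with the capture.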