The Geek Diary

tshark: command not found

by Deepika

Tshark is a powerful packet analysis tool and a command-line interface (CLI) version of Wireshark. It is an open-source network protocol analyzer that enables users to capture, display, and analyze network packets. Tshark is designed to work on multiple platforms, including Windows, Linux, and macOS.

Tshark captures packets in real-time and provides users with the ability to analyze the contents of these packets. This tool can be used to troubleshoot network issues, monitor network traffic, and identify security vulnerabilities. Tshark supports a wide range of protocols and can decode packet formats for various protocols, including TCP/IP, UDP, HTTP, DNS, and many more.

One of the key benefits of using Tshark is its flexibility and customization. It can be used in a variety of scenarios and can be customized to suit the needs of different users. Tshark can be run from the command line, and users can specify a range of options and filters to analyze specific packets or network traffic. Tshark can also save captured packets to a file for later analysis or export to another tool for further analysis.

If you encounter the error below while running the tshark command:

tshark: command not found

install the package for your distribution:

Distribution    Command
Debian          apt-get install tshark
Ubuntu          apt-get install tshark
Alpine          apk add tshark
Arch Linux      pacman -S tshark
Kali Linux      apt-get install tshark
CentOS          yum install tshark
Fedora          dnf install wireshark-cli
Raspbian        apt-get install tshark

tshark Command Examples

1. Monitor everything on localhost:

# tshark

2. Only capture packets matching a specific capture filter:

# tshark -f 'udp port 53'

3. Only show packets matching a specific display filter:

# tshark -Y 'http.request.method == "GET"'

4. Decode a TCP port using a specific protocol (e.g. HTTP):

# tshark -d tcp.port==8888,http

5. Specify the format of captured output (one of json, text, ps, …):

# tshark -T json

6. Select specific fields to output (-e works with the fields, ek, json and pdml formats):

# tshark -T fields -e http.request.method -e ip.src

7. Write captured packets to a file:

# tshark -w path/to/file

8. Analyze packets from a file:

# tshark -r filename.pcap
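
The options above (-r, -Y, -T fields and -e) combined into one script that counts HTTP request methods per source address in a saved capture, with an install check in front; this is an added example, not part of the original article. The function names, the `http.request` display filter and the sample addresses are assumptions chosen for illustration.

```sh
#!/bin/sh
# Added example: per-source HTTP method counts from a saved capture.

# Fail early with a clear message instead of "tshark: command not found".
require_tshark() {
    command -v tshark >/dev/null 2>&1 && return 0
    echo "tshark is not installed; install it with your package manager" >&2
    return 127
}

# Read "ip.src<TAB>http.request.method" lines on stdin (the default
# -T fields layout) and print "count src method", busiest first.
# Lines with an empty field (for example a blank ip.src) are skipped.
summarize_fields() {
    awk -F '\t' '
        $1 != "" && $2 != "" { n[$1 " " $2]++ }
        END { for (k in n) print n[k], k }
    ' | sort -k1,1nr -k2
}

# Read a capture file, keep only HTTP requests, emit two fields per packet.
http_methods_by_source() {
    require_tshark || return
    tshark -r "$1" -Y 'http.request' -T fields \
        -e ip.src -e http.request.method | summarize_fields
}

# Constructed sample of -T fields output, for trying the summary offline.
sample_fields() {
    printf '10.0.0.5\tGET\n10.0.0.5\tGET\n10.0.0.9\tPOST\n\tGET\n10.0.0.5\tPOST\n'
}

# Run against a capture only when a file name is given on the command line.
if [ "$#" -gt 0 ]; then
    http_methods_by_source "$1"
fi
```

Saved as a script and run with a capture file as its only argument, it prints one line per source and method; `sample_fields | summarize_fields` shows the same output format without needing a capture.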

Summary

Tshark is a valuable tool for network administrators, security professionals, and anyone who wants to analyze network traffic. It is highly customizable, efficient, and can analyze packets in real-time. The tool is also open-source, which means that it is free to use and can be modified by users to suit their specific needs.
