TrustRadius
Wireshark Reviews

Wireshark
38 Ratings
Score 9.2 out of 10
Reviews (1-5 of 5)
Kenneth Hess
September 25, 2018

Review: "Wireshark is free for those who like to snoop without limitations"

Score 10 out of 10
Vetted Review
Verified User
We/I use Wireshark to capture and to analyze both wireless and wired network traffic. It is an absolutely required tool for any system administrator or network administrator. Our entire IT department uses it. Wireshark is both free and open source software, which, for what it does, saves us a lot of money. This graphical tool is easy to use and makes network packet analysis far less painful than if we had to rely just on the command line. Using Wireshark, we can analyze network traffic for further analysis ourselves or we can capture it and send it as a pcap file to a security consultant for further investigation. It is an essential part of our administrative toolbox.
  • Wireshark is easy to use and to collect network traffic with.
  • Wireshark color codes network packets based on which type of packet has been captured. This makes the analysis much quicker.
  • Wireshark has a lot of different filters that can be applied either during capture or during analysis to filter out uninteresting packets from the feed.
  • You can download and use a standalone (not installed) version to run on USB thumb drives or other external media in case you want to analyze a potentially compromised system in place.
  • Wireshark requires elevated privileges, which can either be bad or good depending on your perspective.
  • It has the standard disadvantage of capturing packets that might not reflect actual network traffic because the data is captured locally. Not a flaw of Wireshark, specifically, but of any locally run sniffing software.
  • It can be confusing for new users to see all the columns and colors. You can do a lot of customization but it takes some effort.
Wireshark is best suited to capturing and analyzing network traffic data. It is not an intrusion detection system (IDS), or a honeypot, or any real-time security tool. Offline analysis is where Wireshark shines. Take a capture using it or some other tool and load it into Wireshark for extensive analysis. Wireshark is great for forensic analysis of network traffic. You can find malformed packets, attack signatures, suspicious traffic, etc. Nothing gets by Wireshark.
Matthew Frederickson
March 03, 2018

Review: "Wireshark - Perfect Tool for Network Admins"

Score 10 out of 10
Vetted Review
Verified User
We use Wireshark to troubleshoot network problems - both wired and wireless. It's not uncommon to get a ticket from a user stating that the network is "slow". Since that is always less than helpful, we usually (after basic troubleshooting steps) start a Wireshark capture closest to the endpoint with the issue. Invariably, we are always able to find the issue - whether it's endpoint or switch related - or even if it's something downstream. We've managed to train some of the IT staff in how to do a capture - so even if they don't understand what they are looking at, they are familiar with grabbing a pcap file for our review.
  • Displays data (network captures) in a logical, clear way that enables you to easily see what is happening on the wire.
  • Provides expert help and color codes packet types so it's easy to quickly pick out different types of traffic.
  • Separates the data into three panes so you can get an overview, packet details, and see string data.
  • Can be a little intimidating right out of the box.
Wireshark is awesome for troubleshooting network issues. It gives you a direct view into what is happening on the wire. It takes the guesswork out of knowing what is happening on the wire - you can tell whether there are delays from web sites; file servers; voice issues. Yes - it is great for troubleshooting SIP traffic also.

It does not do massive file captures; it does not do a good job on massive packet capture files. If you are capturing traffic on a ten-gig or higher port, use tcpdump or some other mechanism to grab the data. Then use tshark (or one of the other included tools) to parse out what you need (time range, or specific type of traffic) to analyze inside wireshark.
Ari Robinson
November 29, 2017

Review: "A "dump" a day is a wonderful thing! A day is not complete without having used Wireshark."

Score 10 out of 10
Vetted Review
Verified User
Troubleshooting of reported issues and verification of facts (i.e. that a certain protocol is being used).
  • Very powerful and easy to use (once you understand the basic interface).
  • Free and easy to install.
  • Flexible and can be used in many different scenarios.
  • Bring back the Legacy option!
  • Improve the ease of use for some advanced functionality (such as decoding of video into H.264 or seeing the encryption type being used).
  • Sometimes the GUI can become non-responsive when using RDP.
Anytime you want to see what is happening between point A and point B on the network.
Obviously, it can't be used when trying to capture communication between one socket and another socket on the same machine.
Yuan Sun
March 31, 2017

Wireshark Review: "Great Tool to Network Troubleshoot"

Score 10 out of 10
Vetted Review
Verified User
Wireshark is used both in the network team and helpdesk team. It helps us to identify and troubleshoot network connectivity issues.
  • It can help us to determine the network issue such as if it would be at the application level or network routing issue.
  • It also can identify how the source and destination communicate.
  • It can track the network traffic to determine the actual network flow.
  • I find it's pretty easy to use and have been a fan of it.
It's one of the best network tools for our network engineers.
November 04, 2016

User Review: "Wireshark"

Score 7 out of 10
Vetted Review
Verified User
Wireshark is being used across our organization to troubleshoot all network-related issues. We are also using it to troubleshoot application speed issues between locations.
  • Wireshark provides an immense amount of data. If the data is being sent you will be able to track it.
  • Will flag some notable information if you don't know what you are looking for.
  • Can analyze VoIP data as well.
  • It can be difficult to parse and filter data without working with Wireshark for a while. The amount of data can be overwhelming for first time users.
  • We have had difficulties getting it to run properly with MacOS
Wireshark can be used to find speed issues for an internal application slowing down between geographical locations. Wireshark works well for tracking down unmanaged switches and hubs that are causing issues in our network.

If you have no idea what you are looking for, Wireshark may not be the way to go. Also when tracking issues with a web application, as there are easier tools to use for that.

About Wireshark

Wireshark is an open source network troubleshooting tool.

Wireshark Technical Details

Operating Systems: Unspecified
Mobile Application: No