top | item 47133923

(no title)

Great idea, would it be possible to make it possible to add my own custom tshark one liners under weird stuff? For example, sometimes I find myself troubleshooting TCP retransmission issues that is specific to proprietary applications and that may not be relevant everyone else to have by default.

As an aside, I was thinking about something similar to this tool for a while now after seeing this post (https://news.ycombinator.com/item?id=46723990) where someone was using Claude to troubleshoot a PCAP. It made me think that it would be nice just to have a nice collection of tshark one-liners to quickly weed out any weird stuff right off the bat. I would assume that it would be a lot more performant than using a LLM and more scalable if you have large PCAP files.

discuss

eigen-vector|7 days ago

absolutely. May be the best way to do this would be some kind of a recipe store where the user can run (we can fuzzy match?) tshark oneliners. I'd love your thoughts on what the easiest/quickest integration would be.