Analysis Configuration

Packet Viewer uses Wireshark’s profile system to control how packets are decoded, displayed, and analyzed. This section covers configuration options that affect packet analysis behavior.

For deploying profiles to your container, see Profiles in the Deployment Guide.

Configuration Topics

Decode Options - Control protocol decoding, color filters, and display options
Filter Menu - Configure predefined display filters for one-click access
Name Resolution - Convert IP addresses and MAC addresses to readable names
GeoIP - Add geographic information for IP addresses
Protocol Decryption Decrypt encrypted protocols like TLS and SMB

Profile vs. Global Configuration

Global configuration applies when no profile is specified or when a profile doesn’t include a specific setting. Global files are located in /usr/cloudshark/share/wireshark/ within the container.

Profile configuration overrides global settings when a profile is active. This allows targeted configuration for specific analysis scenarios without affecting other uses.

Standard Wireshark Compatibility

All configuration files and formats documented in this section are standard Wireshark functionality. This means:

Wireshark documentation applies to Packet Viewer
Profiles created for Wireshark desktop work in Packet Viewer
Configuration expertise from the Wireshark community is directly relevant
Profiles are portable between Wireshark and Packet Viewer environments

For complete details on Wireshark’s profile system, see the Wireshark User’s Guide - Configuration Profiles.

Product

Search Results

Analysis Configuration

Configuration Topics

Profile vs. Global Configuration

Standard Wireshark Compatibility