One of the main advantages of Tshark against Wireshark is the flexibility to play with the inputs and outputs from the command line. Thanks to this, we can write small scripts to automate different kind of tasks.
Throughout this book, we have seen many examples using various parameters of Tshark. In practice, you may not remember many of these options due to the vast amount of existing parameters. Apart from using Help from the command line (
-h), remember that you can take advantage of the Linux shell to permanently save many Tshark instructions, saving you a lot of time.