I would like to capture SSL or HTTPS traffic only in Wireshark, this is not something that can be filtered after due to the length of the time I would be recording the data after and the size of the .pcap file.
There are capture only filters for TCP or UDP (tcp port http) for example.
I have configured it to use tcp port https
but it sill seems to have other unrelated junk data. Is there a better way of capturing HTTPs/SSL data?
Bonus, can I dump this to a network disk instead of pcap'in and storing on the same box?
ssl
?