When looking at the Expert Information console, there are five possible categories that indicate the severity of the issue, as shown here:
|
Category |
Color |
Meaning |
|
Error |
Red |
Possible serious issue—the highest warning, such as a malformed packet, or new fragment overlapping old data. |
|
Warning |
Yellow |
This indicates a warning, which means there may be problems that you will want to investigate further. |
|
Note |
Cyan |
General notes of interest that, many times, are part of a connection, that is, a TCP keep-alive packet. Notes can also list unusual errors or a nonstandard use of a protocol such as reusing previous session keys in a Transport Layer Security (TLS) conversation. |
|
Chat |
Gray |
Specifies typical workflow and state change such as a connection finish or a Windows update. |
|
Comment |
Green |
Indicates that there is a comment found in at least one of the packets. |
Having a visual of the issues in the packet capture is helpful, but there are even better ways to present the information. In the next section, we'll learn about ways to sort, search, and display the data.