Networks need to be available nearly 100 percent of the time. A single device failure, malware, or misconfiguration can significantly impact network performance. In this chapter, we reviewed how we measure performance using three main metrics: latency, throughput, and packet loss. We then looked at a few of the many tools Wireshark provides us with in order to identify trouble on the network. 

We learned how coloring rules can highlight specific types of traffic. In addition, we discovered how any of the rules can be edited, deleted, or moved up or down in priority. We also looked at the Intelligent Scrollbar, which provides a visual so that we can easily spot and further investigate trouble in the capture.

We learned about the importance of time values and how they factor in latency issues. The expert system helps to alert the network administrator on possible issues once a capture has been made. The Expert Information console is an easy-to-use GUI that can be used to drill down on specific issues as it can subset the errors, warnings, notes, and chats.

In the next chapter, we will cover ways to work with large packet captures and break them into smaller files for analysis. We will look at filtering packets to narrow down the results, as well as, reasons and ways to add comments to a single packet or an entire capture. We will then conclude with the many ways and formats that allow us to save and export packet captures.