1 | initial version |
Wireshark does provide some automated help in this area via its "Analyze -> Expert Information" feature, but ultimately it's up to the user to determine what is or isn't "business as usual" or not. There are other tools out there that can help analyze capture files though, so you might want to have a look at some of those listed at https://wiki.wireshark.org/Tools.