How can I search within data, specifically in the TCP segment data?
I've completed the original task I started out trying to accomplish (dissecting four customer captures, looking for one particular packet in each one), but I'm trying to learn from the experience and understand if there's a more effective way of filtering packets. I was looking for a specific string that appears in the TCP segment data. When I Googled, I found a search field for data-text-lines but this does NOT return the packet I'm trying to find, and I can't tell where in the packet that field actually searches for. But it was not what I needed.
So I'm trying to figure out if there's a way of searching in that specific field. If I start by typing "tcp" into the filter field, it shows a few options (tcp.port, tcpcl, tcpencap, and tcpros), but none of them look like they would apply, nor does <filtername> contains "data_string"> return the one packet with the correct string I need.
Anybody have any suggestions on how to accomplish this?
