How to get the equivalent of "grep -A 1"?
I want to do a filter to match a UDP payload as follows:
udp.payload contains "AT_SYS"
but I also want to capture the packet that comes immediately after it. If I were using the Linux program 'grep' at the command line, and if each UDP payload were one line of text, then I'd do this:
cat network_packets.txt | grep -A 1 "AT_SYS"
Is Wireshark capable of this kind of filtering whereby it can grab the preceding/subsequent packet?
Not really. Wireshark filtering is built around a packet, and whether any specific packet should be captured/displayed is dependent on whether the packet passes the filter test.
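
Because a filter judges each packet on its own, the trailing context has to be added outside the filter engine, by post-processing a saved capture. The following is an added example, not part of the original question or answer: a standard-library Python sketch that keeps every packet whose UDP payload contains a byte string plus the next `after` packets in capture order. It assumes a classic little-endian pcap file (not pcapng) with Ethernet/IPv4 frames; the function names and the sample capture are constructed for illustration.

```python
import struct

def udp_payload(frame):
    """Return the UDP payload of an Ethernet/IPv4 frame, or None if it is not UDP."""
    if len(frame) < 34 or frame[12:14] != b"\x08\x00":
        return None
    ihl = (frame[14] & 0x0F) * 4
    if frame[23] != 17 or len(frame) < 14 + ihl + 8:
        return None
    udp_len, = struct.unpack_from("!H", frame, 14 + ihl + 4)
    return frame[14 + ihl + 8:14 + ihl + udp_len]  # excludes Ethernet padding

def read_records(pcap):
    """Yield (record_header, frame) pairs from a classic little-endian pcap."""
    if struct.unpack_from("<I", pcap, 0)[0] != 0xA1B2C3D4:
        raise ValueError("expected little-endian microsecond pcap")
    off = 24  # skip the global header
    while off + 16 <= len(pcap):
        incl_len, = struct.unpack_from("<I", pcap, off + 8)
        yield pcap[off:off + 16], pcap[off + 16:off + 16 + incl_len]
        off += 16 + incl_len

def grep_after(pcap, needle, after=1):
    """Like grep -A: keep matching packets plus `after` packets following each."""
    remaining, kept, out = 0, [], [pcap[:24]]
    for number, (hdr, frame) in enumerate(read_records(pcap), start=1):
        payload = udp_payload(frame)
        if payload is not None and needle in payload:
            remaining = after + 1  # a new match resets the trailing window
        if remaining:
            kept.append(number)
            out += [hdr, frame]
            remaining -= 1
    return kept, b"".join(out)

def make_frame(payload):
    """Constructed sample: minimal Ethernet/IPv4/UDP frame, checksums left zero."""
    udp = struct.pack("!HHHH", 5000, 5001, 8 + len(payload), 0) + payload
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(udp), 0, 0, 64, 17, 0,
                     bytes([10, 0, 0, 1]), bytes([10, 0, 0, 2]))
    return b"\x00" * 12 + b"\x08\x00" + ip + udp

def make_pcap(frames):
    out = [struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)]
    for i, f in enumerate(frames):
        out.append(struct.pack("<IIII", i, 0, len(f), len(f)) + f)
    return b"".join(out)

SAMPLE = make_pcap([make_frame(p) for p in (b"hello", b"xxAT_SYS=1", b"reply", b"noise",
                                            b"AT_SYS", b"AT_SYS again", b"tail")])
```

`grep_after` returns the 1-based frame numbers it kept and the bytes of a new pcap containing only those records, which can be written to a file and opened in Wireshark.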