I'm new to wireshark and was wondering what filters you should use to be able to tell which devices are actively communicating on the local area network. By active I mean devices that are both receiving and responding to traffic. I just opened a Pcap file that has thousands of packets so I'm having trouble figuring out how to remove the packets where, for example, a computer only sent out information and then shut down so it couldn't receive anything and is therefore not active.
