get all the HTTP requests whose response codes are 500 or above.

Normally, you can't filter packets (HTTP requests) based on an attribute of different packets (HTTP responses). However, in in the case of HTTP, if the response is present in the trace, Wireshark will put a field (http.response_in) in the request listing the packet that has the response. If the response is not present in the trace, Wireshark does not insert the http.response_in field. We can use the Ignore Packet function and the presence or absence of the http.response_in field to find the requests that we want.

To show only requests whose response codes are 500 or above:

1. Apply a display filter of "http.response.code < 500" These are the responses to the requests that we don't want.
2. Select "Edit > Ignore All Displayed Packets"
3. Apply a display filter of "http.response_in"

You will now see only the requests whose responses are present in the trace and that had a response code of 500 or higher. If you want to see both the requests and their responses, change the display filter in step 3 to "http.response_in || http.response.code".

Remember to select "Edit > Unignore All Packets" when you're done. Wireshark treats ignored packets as if they are not present, and they will not match any display filters, nor will they be included in any graphs.

Variations of this technnique can be used with any request/response protocol where Wireshark calculates and provides links between the requests and responses.