A network endpoint is the logical endpoint of separate protocol traffic of a specific protocol layer. The endpoint statistics of Wireshark will take the following endpoints into account:
If you are looking for a feature other network tools call a hostlist, here is the right place to look. The list of Ethernet or IP endpoints is usually what you’re looking for.
Endpoint and Conversation types
|Broadcast and multicast endpoints|
Broadcast and multicast traffic will be shown separately as additional endpoints. Of course, as these aren’t physical endpoints the real traffic will be received by some or all of the listed unicast endpoints.
This window shows statistics about the endpoints captured.
For each supported protocol, a tab is shown in this window. Each tab label shows the number of endpoints captured (e.g. the tab label “Ethernet · 4” tells you that four ethernet endpoints have been captured). If no endpoints of a specific protocol were captured, the tab label will be greyed out (although the related page can still be selected).
Each row in the list shows the statistical values for exactly one endpoint.
Name resolution will be done if selected in the window and if it is active for the specific protocol layer (MAC layer for the selected Ethernet endpoints page). Limit to display filter will only show conversations matching the current display filter. Note that in this example we have MaxMind DB configured which gives us extra geographic columns. See Section 11.10, “MaxMind Database Paths” for more information.
Thebutton will copy the list values to the clipboard in CSV (Comma Separated Values) or YAML format. The button will show the endpoints mapped in your web browser.
Section 8.6, “Endpoints” above for a list of endpoint types. The enabled types are saved in your profile settings.lets you choose which traffic type tabs are shown. See
This window will be updated frequently, so it will be useful even if you open it before (or while) you are doing a live capture.