tshark puts Wireshark's full dissection engine on the command line — the right tool for analyzing pcap files on remote servers or inside CI pipelines. This guide covers protocol filtering with display filters, extracting named fields into tab-separated output, and generating traffic statistics without opening a GUI.