Gerald and I actually discussed that when I was prepping the video. In our minds eye, it's a great idea....implementing it is a different challenge. You'd need all the column titles for the packets, and then the column titles for the system calls, so it would be difficult to do in one application. However, one thing we discussed is a future feature where you could click on a packet in Wireshark, and it would be linked to Stratoshark to show you the correlating event.

The Wireshark profile is the default profile with a column added for TTL. In the comments, I have a link to a blog post by Josh Clark who discusses how to install all the necessary components (which is also linked on Stratoshark.org) Stratoshark is installed on your Mac, and sysdig gets installed on your linux server.

@BagurdesTechnology i can see some color grading you used for syn which is not on my default ..so asked ..anyway no issue thanks for the informative video

I see that now. I have no idea why I added that in there. Sometimes I do demonstrations where I change colorization rules, for the sake of showing how to do it. If you find it useful, please use it! here is a link to that profile: www.dropbox.com/scl/fi/xhoicef9bydfnhnfv5s1x/Main-Profile.zip?rlkey=6jlk8zwqkna9c7qqrrug5xpr4&dl=0

@@BagurdesTechnology thanks