Let's say I want to monitor [A] application and it's not running yet
When I start Wireshark it will show me everything happening in my network adapter
so then I filter these packets like this
(((((((((((((((((((((((((((((((((((((((((((((((((((((((((!(ip.addr == 192.168.2.3) && !(smb2)) && !(ip.addr == 192.168.2.1)) && .....
you can see from the number of parentheses how long my filter is
after that I see a clean view with almost no packets
now I run [A] application and I will see almost only [A] traffic in the view
is there a shorter way to achieve this without making all of these filters manually?
like add "everything" in the current view to the filter
then I start [A] to monitor it alone