Tuesday, August 10, 2010

Wireshark

This is an essential tool for troubleshooting problems.

I did get stuck on creating a filter for the command line and finally figured out I needed quotes:

tethereal -i eth2 -f "host 8.8.8.8" -w /mounts/logs/mycapture.pcap

-i = interface
-f = capture filter - use the same capture filters as the GUI, but put them in quotes
-w = output file
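
Why the quotes matter, as an added example that is not part of the original post: the shell splits an unquoted filter into separate words, so -f receives only the first one. The helper function names, CAPTURE_BIN and DRY_RUN are assumptions made for this illustration; the interface, host and path are the ones used above.

```shell
#!/bin/sh
# Added example: how the shell hands the -f filter to the capture tool.
# Interface, host and path are the post's; helper names, CAPTURE_BIN and
# DRY_RUN are hypothetical and exist only in this sketch.

# filter_seen_by_f ARGS...: print the one argument that follows -f,
# which is all the capture tool receives as its filter.
filter_seen_by_f() {
    while [ "$#" -gt 1 ]; do
        if [ "$1" = "-f" ]; then
            printf '%s' "$2"
            return 0
        fi
        shift
    done
    return 1
}

# capture IFACE FILTER OUTFILE: run the post's command with the filter kept
# as a single argument. "$2" must stay double-quoted here, otherwise a
# multi-word filter held in a variable is split again.
# DRY_RUN=1 prints one argument per line instead of starting a capture.
capture() {
    if [ "$#" -ne 3 ]; then
        echo "usage: capture IFACE FILTER OUTFILE" >&2
        return 2
    fi
    set -- "${CAPTURE_BIN:-tethereal}" -i "$1" -f "$2" -w "$3"
    if [ "${DRY_RUN:-0}" = 1 ]; then
        printf '%s\n' "$@"
    else
        "$@"
    fi
}

FILTER="host 8.8.8.8"
# Quoted: -f gets the whole expression.
echo "quoted:   [$(filter_seen_by_f tethereal -i eth2 -f "$FILTER" -w out.pcap)]"
# Unquoted: the shell splits on the space and -f gets only the first word.
echo "unquoted: [$(filter_seen_by_f tethereal -i eth2 -f $FILTER -w out.pcap)]"
# Dry run of the post's command; nothing is captured.
DRY_RUN=1 capture eth2 "$FILTER" /mounts/logs/mycapture.pcap
```

The same applies when the filter is stored in a script variable: quote the variable wherever it is expanded.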

For analysis, the GUI is the only way to go.
