Optigo Logo to return to homepage

How to Filter for BACnet Data in Wireshark

a computer screen displaying multicolored lines of code
In just five steps, you can export a packet capture (pcap) from Wireshark that only includes BACnet. From there, upload into OptigoVN and start digging into those packets! Check out the video below.

New to Optigo Visual Networks and aren’t sure how to get just your BACnet data into the system? Or maybe your IT department is super security-conscious and wants to make sure you’re filtering any sensitive data out of your captures.

Let’s quickly review how to create a PCAP file in just a few simple steps that’s both compatible with OptigoVN’s diagnostic systems, and won’t contain any sensitive data you’re team might worry about.

How to Set up a Wireshark Filter

To start, you’ll want to create a filter for BACnet data in Wireshark to ensure you don’t export and save sensitive IT data. Wireshark is a free and easy way to perform remote data packet capture of your network traffic data when you need to troubleshoot.

In just five steps, you can export a packet capture (PCAP) from Wireshark that only includes BACnet. From there, upload into OptigoVN and start digging into those packets! Check out the video below.

Step by Step:

1. Open a capture in Wireshark, or start a new capture.

2. Navigate to the top filter bar on the left-hand side.

3. Enter bacnet || bacapp and click Apply. Note: if you have BBMDs on your network sending BBMD-specific requests, you may also have to include “bvlc” in your filter (so, “bvlc || bacnet || bacapp”). 

4. Export the specified packets (all those displayed) as .pcap files by going to File > Export Specified Packets.

5. Upload into OptigoVN, and start troubleshooting!

While these best practices are generally sufficient to help diagnose and resolve problems, it’s not uncommon to have issues that occur outside of normal working hours, making them difficult to troubleshoot without a technician on site. In all cases, we highly recommend using our plug-and-play, Optigo Networks Hardware Capture Tool for all BACnet MS/TP packet capture activities, or installing our free Optigo Networks Software Capture Tool (available as a Windows or Linux application) for BACnet IP or BACnet Ethernet captures. 

Both tools allow you to quickly configure your PCAP to upload directly to OptigoVN for diagnostics, as well as configure your PCAP sessions to our recommended lengths. You can also schedule packet capture sessions to occur whenever you like, to ensure you have up-to-date snapshots of your network state. This way, network changes are quickly identified and notifications can alert you to any issues. 

Share This Post

Get Regular Updates to Your Inbox

Need Help Solving BACnet Issues?

Optigo Visual Networks is the industry leading software for troubleshooting and monitoring building automation networks, and it’s free!

An image of a laptop displaying the results of a diagnostic report run from Optigo Visual Networks SaaS app.