How to Live-Capture (Sniff) Network Traffic from MikroTik RouterOS into Wireshark

Monitoring real-time traffic on your MikroTik router can help you troubleshoot network issues, analyze bandwidth usage, and detect suspicious activity. One of the most powerful tools for traffic analysis is Wireshark, and luckily, MikroTik RouterOS provides a way to stream packet captures directly into it.

  1. Start the Packet Sniffer on MikroTik

    • Go to Tools > Packet Sniffer
    • Streaming Service: Enabled
    • Server IP: Your Wireshark target
    • Port: 37008
    • Optional IP filter to reduce capture volume
    • Interface: bridge
    • IP-Address, ...
  2. Capture in Wireshark

    • Go to the Capture section of the start screen or Capture -> Options
    • Select the incoming interface, e.g. Ethernet
    • Capture filter for selected interface: udp port 37008
    • Start capture
  3. Optional: Save filter

    • In Wireshark menu, click on Capture and then select Capture filters.
    • Click on + and add the filter with a name, e.g. MikroTik Sniffing, and udp port 37008 as the filter
  4. Start sniffing in RouterOS

    • Click on Start to start the sniffing.
    • In Wireshark you should now see the incoming packets
    • To stop the sniffing, click Stop in RouterOS
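
RouterOS sends each sniffed packet wrapped in TZSP (TaZmen Sniffer Protocol) inside a UDP datagram, which is why the capture filter above is udp port 37008. The following Python example is added here and is not part of the original guide; it shows how that wrapper is stripped to recover the original frame. The function names and the sample datagram are constructed for illustration.

```python
import struct

TZSP_PORT = 37008            # UDP port used in the steps above
TAG_PADDING, TAG_END = 0, 1  # the only two tags without a length byte
ENCAP_ETHERNET = 1           # TZSP encapsulated-protocol code for Ethernet

def decapsulate_tzsp(datagram: bytes) -> dict:
    """Strip the TZSP header and tagged fields; return the inner frame."""
    if len(datagram) < 4:
        raise ValueError("datagram shorter than the 4-byte TZSP header")
    version, ptype, encap = struct.unpack("!BBH", datagram[:4])
    if version != 1:
        raise ValueError(f"unsupported TZSP version {version}")
    pos, tags = 4, {}
    while True:
        if pos >= len(datagram):
            raise ValueError("tag list not terminated by TAG_END")
        tag = datagram[pos]
        pos += 1
        if tag == TAG_END:
            break
        if tag == TAG_PADDING:
            continue
        if pos >= len(datagram):
            raise ValueError("truncated tag length")
        length = datagram[pos]
        pos += 1
        if pos + length > len(datagram):
            raise ValueError("tag value runs past end of datagram")
        tags[tag] = datagram[pos:pos + length]
        pos += length
    return {"type": ptype, "encap": encap, "tags": tags, "frame": datagram[pos:]}

def ethernet_summary(frame: bytes) -> tuple:
    """Return (destination MAC, source MAC, EtherType) of an Ethernet frame."""
    if len(frame) < 14:
        raise ValueError("frame shorter than an Ethernet header")
    dst, src, ethertype = struct.unpack("!6s6sH", frame[:14])
    return dst.hex(":"), src.hex(":"), ethertype

# Constructed sample: TZSP v1, type 0, Ethernet, one padding tag, TAG_END,
# then a constructed Ethernet header (IPv4 EtherType) plus 4 payload bytes.
SAMPLE = bytes.fromhex("01000001" "00" "01"
                       "ffffffffffff" "020000000001" "0800" "45000014")

if __name__ == "__main__":
    inner = decapsulate_tzsp(SAMPLE)
    print(inner["encap"] == ENCAP_ETHERNET, ethernet_summary(inner["frame"]))
```

Wireshark performs the same decapsulation with its TZSP dissector, so the original frame appears nested under the UDP layer of each captured datagram.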