Docs

• http://www.rationallyparanoid.com/articles/tcpdump.html
• http://bencane.com/2014/10/13/quick-and-practical-reference-for-tcpdump/
• https://hackertarget.com/tcpdump-examples/

Tools

• wireshark

FAQ

human readable output

tcpdump -lnX

look for host and port

tcpdump -i ens192 host 192.168.101.3 and tcp port 993

tcpdump: NFLOG link-layer type filtering not implemented

Try adding interface (-i)