This is in regards to the Intro to Network Traffic Analysis module, Capturing with tcpdump Fundamentals Lab.

As the title suggests, I can not find the correct pipe switch to use for tcpdump. I know I can do the following:
tcpdump -r file.pcap | grep “string”
But HTB academy is looking for something specific. I’ve tried countless variations but to no avail. Can anyone point me in the right direction in order to find the right switch? I’ve checked the man page, google, and duckduckgo.

edit* I found the correct answer. It seems like I can pipe into grep or other functions without the switch asked for. If someone know details about this without spoilers, please let me know.

Most manual pages for Unix commands or tools can be opened with

man command

The tcpdump manual page man tcpdump contains a list of switches. There are switches that refer to pipe. tcpdump has different output format. So the grep results can depend from the switches used.

You can search the manual page by typing /searchtext and jump to the next find by typing n.