Wireshark is a great tool for sniffing network traffic. It contains several pre-defined filters for various protocols – and yes, also OPC UA!

It can be a valuable tool, if you need to investigate what traffic is going between an UA client and server by revealing the contents of every packet – unless of course, you have enabled encryption on the connection!

There is one important setting that you need to take care of. Once you have started it for the first time, go to Edit-Preferences-Protocols-OpcUa. You must define the port numbers that may contain UA traffic in order to make the opcua protocol filter to work.

You can then just start capturing packets. If you filter with “opcua”, you will only get OPC UA packets.

As you can see, it can parse the UA packets down to every parameter for display in the log!

You can further filter by the port number, etc. Use the Expression editor to build your own filter.

There is also a tutorial about the filters available at OpenManiak.