Introduction to the OSI Model

Hello Jim

Just a clarification first. The filters that are applied don’t actually generate traffic. They are used to filter out particular packets that have specific characteristics on traffic that has already been generated and captured. Because you’re using the term “generate traffic” for these, I just wanted to make sure that your meaning was consistent.

So before you actually put in filters for particular sites or for particular protocols, make sure that you’ve generated and captured traffic that will contain those packets. There’s no use searching for http.host=="microsoft.com" for example if you haven’t captured traffic from an attempt to view their web page.

So when using these filters, you first must generate traffic that will contain packets that will match the filters you are using. Because most sites today use HTTPS for security purposes, to filter out those particular packets, you should use the tcp.port==443 option. If there is HTTPS traffic within the captured packets, then this filter will display them, but you will not be able to see the actual data being transferred as this is encrypted.

There is no such filter as https.host so you can’t use that.

If you want to capture HTTP traffic, simply find a site that still uses HTTP and capture traffic from your web session there. There are still some sites that use HTTP instead of HTTPS, and if you do a search online you should be able to find some. At the time of the writing of this post, I was able to find http://nginx.org/ that still uses HTTP. So try using that one, or find another.

If you generate HTTP traffic, you will be able to use either tcp.dstport==80 to filter out all HTTP traffic regardless of the destination, or you can use http.host=="nginx.org" to filter out HTTP traffic with a particular domain name destination.

I hope this has been helpful!

Laz
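
The filters discussed in the post above, modelled in Python as an added example that is not part of the original post and is not Wireshark's own code. The four TCP segments are constructed sample data and the helper names are hypothetical; it shows that port filters select already-captured packets by header fields (tcp.port matching either direction, tcp.dstport only the destination), while http.host can only match a cleartext HTTP request.

```python
import struct

def tcp_segment(src_port, dst_port, payload):
    """Constructed sample: minimal 20-byte TCP header (PSH+ACK) plus payload."""
    return struct.pack("!HHIIBBHHH", src_port, dst_port, 0, 0, 5 << 4, 0x18, 65535, 0, 0) + payload

def ports(seg):
    return struct.unpack("!HH", seg[:4])

def http_host(seg):
    """Host header of a cleartext HTTP request, or None if the payload is not one."""
    payload = seg[(seg[12] >> 4) * 4:]          # skip the header using the data-offset field
    head, sep, _ = payload.partition(b"\r\n\r\n")
    lines = head.split(b"\r\n")
    request_line = lines[0].split(b" ")
    if not sep or len(request_line) != 3 or not request_line[2].startswith(b"HTTP/"):
        return None                             # encrypted or non-HTTP bytes end up here
    for line in lines[1:]:
        name, _, value = line.partition(b":")
        if name.strip().lower() == b"host":
            return value.strip().decode("ascii", "replace")
    return None

# Rough equivalents of the display filters in the post (hypothetical helper names)
def tcp_dstport(n): return lambda seg: ports(seg)[1] == n       # tcp.dstport==n
def tcp_port(n):    return lambda seg: n in ports(seg)          # tcp.port==n
def host_is(name):  return lambda seg: http_host(seg) == name   # http.host=="name"

def apply_filter(capture, predicate):
    """Return the 1-based numbers of the captured packets the filter would display."""
    return [i for i, seg in enumerate(capture, 1) if predicate(seg)]

# Constructed capture: one HTTP exchange, then opaque bytes standing in for HTTPS
CAPTURE = [
    tcp_segment(50000, 80, b"GET / HTTP/1.1\r\nHost: nginx.org\r\nAccept: */*\r\n\r\n"),
    tcp_segment(80, 50000, b"HTTP/1.1 200 OK\r\nContent-Length: 0\r\n\r\n"),
    tcp_segment(50001, 443, b"\x17\x03\x03\x00\x10" + bytes(range(16))),
    tcp_segment(443, 50001, b"\x17\x03\x03\x00\x10" + bytes(range(16, 32))),
]

if __name__ == "__main__":
    for label, pred in [("tcp.dstport==80", tcp_dstport(80)), ("tcp.port==443", tcp_port(443)),
                        ('http.host=="nginx.org"', host_is("nginx.org")),
                        ('http.host=="microsoft.com"', host_is("microsoft.com"))]:
        print(f"{label:28} -> packets {apply_filter(CAPTURE, pred)}")
```

The last filter returns nothing because no traffic to that host was captured, which is the situation the post warns about.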