@sicarie
tshark work similarly as tcpdump...
It has some advantages like you can specify filters ti capture the packets..
For example, If we want to capture the udp packets on port 5060 and put the result in some file..we can specify following command
tshark -f "udp port 5060" -i <interface> -w <file name>
Most of the time you'll get the packets trimmed..that it capture size is limited by default..so you can specify -XX and -s options for extensions and size resp..
If you've used the wireshark and its filter you would rather feel the power of tshark in terms of filter..
Again, writing filters is skill...I mostly used simple filters like I've written above..