[toast0]

> Why not just look up manual or google instead of wasting time on laborious packet inspection.

When you've got a load balancing layer, and virtual machines, and interacting with the real world, there's a reasonable chance that the problem is not a (relatively) simple application configuration issue. If you've looked through enough of these, getting a pcap (especially with an identified customer) and looking through it with Wireshark is relatively quick.

[navinsylvester]

I could have worded it better like "why packet inspection to start with".

[sethammons]

I love packet inspection, but I always feel that if I have to go to that depth, then we missed an opportunity to have observability (metrics/logging) earlier.

[toast0]

Because pcap lies a lot less than everything else.