There are lots of blogs about this already - but I didn’t quite understand at first so here’s my take …

Wireshark is a large and somewhat vulnerable program - best not to run it as root (especially as you may be looking a suspicious traffic)