see tshark manpage for options
Whilst wireshark is a great GUI for analyzing network traffic, it does suffer from many of the same faults as other GUI applications; speed, bloat, etc. tshark is much snappier at certain tasks and benefits from the strengths of all command line apps such as the ability to grep, filter and manipulate the data more easily. Even if you're a big wireshark fan I urge you to give tshark a try.
Output to a file (file must have correct permissions)
$ touch diameter.cap && chmod 666 diameter.cap $ sudo tshark -w diameter.cap
Filter all packets with a diameter command code of 271
$ tshark -r diameter.cap -R 'diameter.cmd.code == 271'
Output in full markup langage (-Tpdml)
$ tshark -r diameter.cap -R 'diameter.cmd.code == 271' -Tpdml
Output in summary markup langage (-Tpsml)
$ tshark -r diameter.cap -R 'diameter.cmd.code == 271' -Tpsml
Filter on specific diameter fields and output certain fields
$ tshark -r diameter.cap \ -R 'diameter.cmd.code == 271 and diameter.flags.request==1' \ -Tfields \ -ediameter.cmd.code \ -ediameter.Value-Digits \ -ediameter.Exponent \ -ediameter.Currency-Code \