This is related to this question: How to Capture Remote System network traffic?
I would like to be able to export live traffic captured on a Linux server and to view that in real time on my Windows machine.
Please do not suggest SPAN or RSPAN because it does not apply to my needs. This is about internal traffic (VM traffic) that tshark can see without any problems, I would just like to watch the traffic on my desk (Windows machine) with Wireshark
You should use the tool rpcapd in the machine (A) that you want to capture the traffic:
rpcapd -n -p <port>
With -n is launched without authentication
Finally, in the other machine (B) go to Wireshark > Capture > Interfaces > Options > Manage Interfaces > Remote Interfaces
And you should see the traffic of Machine (A)