Laura Chapel has several articles and books on learning Wireshark. I would start with her information and really spend some time creating situations within the WLAN and monitoring them. When you become more familiar with how the traffic looks in given situations in a controlled setting, diagnosing the behavior in a live network will be easier. You can't bead experience.
Here's a suggestion:
- Think about all the things you want to learn from captures
- Identify what parts of the 802.11 frame you need to match (or not match); you can get the 802.11 spec available for free now
- Use the dissector view to see what the name of the field is (I think you can match the whole type/subtype field by referring "wlan.type_subtype"). You can highlight the field in the dissector view, and the status bar at the bottom will tell you the name. The field itself will be highlighted in the raw data view.
- Don't show me the Beacons
- Don't show me any ACKs (which are kinda annoying since the ACK doesn't have a sender anyway!)
- Show me all retransmitted frames
- Show me all frames transmitted at 1 Mbps (I think this requires getting the interface into a privileged monitor mode to get the radiotap headers)
- Don't show me any broadcast frames
- Only show me traffic sent from client devices through the AP