How can you view the application-level traffic between the bot program and master computer in Wireshark?
Let's say that you received a sample pcap file of network traffic from a botnet. A botnet is a network of infected computers enslaved by a master computer, which can be used to send spam email or initiate a denial of service attack. You open the pcap file in Wireshark and you see a stream of TCP packets. How can you view the application-level traffic between the bot program and the master computer in Wireshark?