You create a new network namespace, that will be isolated from your regular network, you use a virtual network interface and iptables to make the traffic from it reach your regular network. Then you start an application and wireshark in that namespace and then you have a trace of that application.
I took that idea and made it into a small program, hosted on github, nsntrace.
> nsntrace usage: nsntrace [-o file] [-d device] [-u username] PROG [ARGS] Perform network trace of a single process by using network namespaces. -o file send trace output to file (default nsntrace.pcap) -d device the network device to trace -u username run PROG as username
It does pretty much the same as the askubuntu thread above describes but with just one step.
> sudo nsntrace -d eth1 wget www.google.com Starting network trace of 'wget' on interface eth1. Your IP address in this trace is 172.16.42.255. Use ctrl-c to end at any time. --2016-07-15 12:12:17-- http://www.google.com/ Location: http://www.google.se/?gfe_rd=cr&ei=AbeIV5zZHcaq8wfTlrjgCA [following] --2016-07-15 12:12:17-- http://www.google.se/?gfe_rd=cr&ei=AbeIV5zZHcaq8wfTlrjgCA Length: unspecified [text/html] Saving to: ‘index.html’ index.html [ <=> ] 10.72K --.-KB/s in 0.001s 2016-07-15 12:12:17 (15.3 MB/s) - ‘index.html’ saved  Finished capturing 42 packets. > tshark -r nsntrace.pcap -Y 'http.response or http.request' 16 0.998839 172.16.42.255 -> 184.108.40.206 HTTP 229 GET http://www.google.com/ HTTP/1.1 20 1.010671 220.127.116.11 -> 172.16.42.255 HTTP 324 HTTP/1.1 302 Moved Temporarily (text/html) 22 1.010898 172.16.42.255 -> 18.104.22.168 HTTP 263 GET http://www.google.se/?gfe_rd=cr&ei=AbeIV5zZHcaq8wfTlrjgCA HTTP/1.1 31 1.051006 22.214.171.124 -> 172.16.42.255 HTTP 71 HTTP/1.1 200 OK (text/html)
If it is something you might have use for or find interesting, please check it out, and help out with patches. It turns out I have a lot to learn about networking and networking code.
All the best!