
You don't need Wireshark to view packet data; use -X and -XX.



This is my favorite use of tcpdump, as a "just show me basic prints" live version of Wireshark, which is like 90% of the time mostly what I want. Usually when I'm debugging stuff and am reaching for Wireshark/tcpdump, I'm mostly just trying to figure out if traffic is hitting the right ports at all, and then only sometimes do I even care about metadata (packet size / count etc.), and it's very rare I care about actual payload (not that you can even usually see it easily nowadays anyway since everything is TLS).

Recent example: used tcpdump -X to debug why my WireGuard setup wasn't working, since with UDP you just kind of get a shrug as to why or at what hop the UDP packet got lost or filtered. So I ssh'd to all the middle boxes and just tcpdumped the UDP ports I was interested in.



