Trace:

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
Next revision		Previous revision
ms:win:trace [2019/11/04 15:37] jsms:win:trace [2019/11/04 15:39] (current) js
Line 4: Line 4:
  
 You have to load the etl file to "Microsoft Network Monitor" and export it to cap. You have to load the etl file to "Microsoft Network Monitor" and export it to cap.
 +
 +On the website [[http://www.tech-wiki.net/index.php?title=How_to_capture_traffic_with_no_Wireshark_using_netsh]] 
 +
 +I found the following powershell code to convert it:
 +<code powershell>$s = New-PefTraceSession -Path “C:\temp\OutFile.Cap” -SaveOnStop
 +$s | Add-PefMessageProvider -Provider “C:\temp\capture.etl”
 +$s | Start-PefTraceSession</code>
  
 <code>netsh trace start capture=yes protocol=17 </code> <code>netsh trace start capture=yes protocol=17 </code>

Page Tools