Karim Zaki

Network trace without netmon


Network trace without netmon

netsh trace start capture=yes tracefile=D:\trace.etl

netsh trace stop

copy the ETL file to computer with netmon installed

then go to the computer where you have the netmon installed

open the ETL

After you open the file

You will find the following view

 The parsers will have a problem

If you look at the description you will find

Windows stub parser: Requires full Common parsers.

Now turn on some parsers

Go to tools —- options



Now it is working fine


Ref: https://enblog.alex-trofimov.com/2011/06/20/network-trace-without-netmon-wireshark-etc/

Unknown's avatar

Published by Karim Zaki

• MBA Major MIS • MCP (Microsoft Certified Professional) Windows XP. • Microsoft Certified in (Managing and Maintaining Microsoft server 2003). • Microsoft Certified in (implementing, Managing, and maintaining a Microsoft windows server 2003 infrastructure) • Microsoft Certified in (Maintaining a MS Win Server 2003 Active Directory) • MCSA 2003 • ISA 2006 Microsoft Internet Security and Acceleration Server 2006, Configuring • MCTS Microsoft Certified Technology specialist • MCITP 2008 (Microsoft Certified IT professional) • MCSA 2012 Server (Microsoft Certified solution Associate) • AZURE Administrator Associate (AZ-103) • MS 365 Identities and services (MS-100) • MS 365 Mobility and security (MS-101) • Microsoft 365 Certified: Security Administrator Associate (MS-203) • Microsoft 365 certified enterprise administrator expert (MS-500) • Messaging Administrator Associate (MS-203) • Azure Security Engineer Associate (AZ-500) • Information Security: Context and Introduction • Microsoft Security Operations Analyst

2 comments

Leave a reply to kazaki82 Cancel reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.