How to capture packets from a specific IP address without Wireshark

Updated January 23, 2018

Overview

This article explains how to capture packets from a specific IP address when the customer does not run Wireshark in their corporate environment.

Environment

  • Windows 7
  • Windows Server 2008 and higher

Steps

1. Start the trace

Execute:

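netsh trace start capture=yes IPv4.Address=$device_ip tracefile=c:\temp\nettrace-boot.etl

where $device_ip is the IP address of the device whose traffic you want to capture (no space after the equals sign), and tracefile=c:\temp\nettrace-boot.etl is the location of the trace output. You can update this path to any valid path you choose. Run the command from an elevated (administrator) command prompt, because netsh trace requires administrator rights.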

2. Stop the trace

Execute:

netsh trace stop

3. Examine the results

When the trace is completed, ask the customer to send you the file. 

When you receive the file, examine the captured packets using Microsoft Message Analyzer. (© 2018 Microsoft Corporation, available at http://technet.microsoft.com/, obtained on January 23, 2018)
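The start and stop steps above can be wrapped in one script, shown here as an added example (not SolarWinds code) that validates the address before it reaches netsh, always stops the trace, and prints a hash the recipient can use to verify the file. The parameter names, the 60-second default duration, and the use of PowerShell 4.0 or later (for Get-FileHash) are assumptions.

```powershell
# Added example: wraps the article's two netsh commands. Run from an elevated session.
param(
    [Parameter(Mandatory)] [string] $DeviceIp,          # IP address to filter on
    [string] $TraceFile = 'C:\temp\nettrace-boot.etl',  # path used in the article
    [int]    $Seconds   = 60                            # assumed capture duration
)

# netsh trace fails without administrator rights, so check before doing anything else.
$principal = [Security.Principal.WindowsPrincipal][Security.Principal.WindowsIdentity]::GetCurrent()
if (-not $principal.IsInRole([Security.Principal.WindowsBuiltInRole]::Administrator)) {
    throw 'Run this script from an elevated (administrator) PowerShell session.'
}

# Accept only a literal dotted-quad IPv4 address, so that stray text (spaces, extra
# key=value pairs) can never be appended to the netsh command line.
$parsed = $null
$isIPv4 = [System.Net.IPAddress]::TryParse($DeviceIp, [ref]$parsed) -and
          $parsed.AddressFamily -eq [System.Net.Sockets.AddressFamily]::InterNetwork -and
          $parsed.ToString() -eq $DeviceIp
if (-not $isIPv4) {
    throw "Not a valid IPv4 address: $DeviceIp"
}

# Create the output folder if it does not exist yet.
$dir = Split-Path -Parent $TraceFile
if (-not (Test-Path -LiteralPath $dir)) {
    New-Item -ItemType Directory -Path $dir | Out-Null
}

# Step 1: start the trace, filtered to the validated address.
netsh trace start capture=yes "IPv4.Address=$DeviceIp" "tracefile=$TraceFile"
if ($LASTEXITCODE -ne 0) {
    throw "netsh trace start failed with exit code $LASTEXITCODE"
}

try {
    # Reproduce the problem while the capture is running.
    Start-Sleep -Seconds $Seconds
}
finally {
    # Step 2: stop the trace even if the script is interrupted.
    netsh trace stop
}

# Step 3: record a hash to send along with the file so the recipient can verify it.
Get-FileHash -LiteralPath $TraceFile -Algorithm SHA256 | Format-List Path, Hash
```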

 

 

Classifications

Internal Use Only