netmon and netsh trace(Windows Network Anaylsis)
Netmon
- Download and install NetMon.exe on both server and client.
- Create a folder, such as "D:\netmon".
(Make sure it has enough space for log saving.) - Capture the IP and Port Information:
CMD (run as admin):
ipconfig /all >D:\netmon\IP.txt
netstat -abno > D:\netmon\ServerNetstat.txt - Capture the Netmon Trace (network package):
- cd C:\Program Files\Microsoft Network Monitor 3
- Option a - Round Robin File (limit by 200M, overwrite if file size exceeds 200MB)
nmcap /network * /capture /file D:\netmon\ServerConnection.cap:200M - Option b - Chained File - New file is created for every 200M
nmcap /network * /capture /file D:\netmon\ServerConnection.chn:200M - Option c - Scheduled File
nmcap /network * /capture /StartWhen /Time 09:00:00 AM 10/28/2021 /StopWhen /Time 11:30:00 AM 10/28/2021 /file D:\netmon\ServerConnection.chn:200M - Option d - capture network package from both IP via GUI.
Reference: Using the Network Monitor Tool - Windows drivers | Microsoft Docs
Netsh
In case of the netmon does not work, netsh command can be used:
Open Command Prompt as administrator:
- run the following command to start the collection:
netsh trace start capture=yes maxsize=2048 tracefile=c:\temp\SQL.etl
Note: maxsize and tracefile can be changed accordingly. - Then reproduce the issue.
- Stop the collection by running the following command:
netsh trace stop - Create a folder, such as "D:\netmon".
(Make sure it has enough space for log saving.) - Capture the IP and Port Information:
CMD (run as admin):
ipconfig /all >D:\netmon\IP.txt
netstat -abno > D:\netmon\ServerNetstat.txt
Comments