Network Monitor : Using NMCap

Once installed, open a command prompt, change directory to C:\Program Files\Microsoft Network Monitor 3, and run:

NMCap.exe /network * /capture /stopwhen /timeafter 1 min /file issue.cap

You should now recreate your issue. To extend the capture window, increase the /timeafter value (1 min in this example). Using /capture with no filter after it captures all traffic.

Recreate the issue, then press Ctrl-C in the window where NMCap is running. You can also filter captured results, for example HTTP only:

NMCap.exe /network * /capture "HTTP" /stopwhen /timeafter 1 min /file issue.cap

Or to capture HTTP and DNS traffic for a specific IP address:

NMCap.exe /network * /capture "(HTTP || DNS) && IPv4.Address == 192.168.1.1" /stopwhen /timeafter 1 min /file issue.cap

You can also reprocess capture files to generate filtered captures, for example to extract HTTP only traffic from the capture above into a new capture file:

NMCap /InputCapture issue.cap /capture "HTTP" /file HTTP_only.cap
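
The steps above combined into one script, as an added example that is not part of the original post: it takes the unfiltered capture, reprocesses it with the two filters used on this page, and records SHA-256 hashes of the resulting files so later copies can be checked against them. The output folder C:\Captures, the file names and the 5-minute window are assumptions, and Get-FileHash needs PowerShell 4.0 or later.

```powershell
# Added example, not from the original page.
# Assumes a prompt whose account is allowed to capture with Network Monitor.
$nmcap   = 'C:\Program Files\Microsoft Network Monitor 3\NMCap.exe'  # install path given on the page
$outDir  = 'C:\Captures'   # assumed output folder
$minutes = 5               # capture window passed to /timeafter

# Output label -> filter. Both filters are the ones used in the page's examples.
$filters = [ordered]@{
    'http'          = 'HTTP'
    'host_http_dns' = '(HTTP || DNS) && IPv4.Address == 192.168.1.1'
}

if (-not (Test-Path $nmcap)) { throw "NMCap.exe not found at $nmcap" }
New-Item -ItemType Directory -Path $outDir -Force | Out-Null

# Timestamped name so a repeat run never overwrites an earlier capture.
$stamp = Get-Date -Format 'yyyyMMdd-HHmmss'
$raw   = Join-Path $outDir "issue-$stamp.cap"

# Step 1: unfiltered capture on all adapters; stops by itself after $minutes.
Write-Host "Capturing for $minutes min. Recreate the issue now."
& $nmcap /network '*' /capture /stopwhen /timeafter $minutes min /file $raw

# The page does not describe NMCap's exit codes, so check the output file instead.
if (-not (Test-Path $raw) -or (Get-Item $raw).Length -eq 0) {
    throw "No capture data written to $raw"
}

# Step 2: reprocess the raw capture into one filtered file per entry.
$outputs = @($raw)
foreach ($name in $filters.Keys) {
    $filtered = Join-Path $outDir "issue-$stamp-$name.cap"
    & $nmcap /InputCapture $raw /capture $filters[$name] /file $filtered
    if (Test-Path $filtered) { $outputs += $filtered }
}

# Step 3: record SHA-256 hashes of the raw and filtered captures.
$outputs | ForEach-Object { Get-FileHash -Path $_ -Algorithm SHA256 } |
    Select-Object Hash, Path |
    Export-Csv -Path (Join-Path $outDir "issue-$stamp-sha256.csv") -NoTypeInformation
```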
