We have a Windows server that we suspect is not receiving UDP traffic from a Linux server. We've been able to establish, using tcpdump, that the Linux server is sending UDP traffic and we would like to display UDP traffic coming into the Windows server, preferably using a native Windows util such as netsh or netstat.

kenlukas
Olumide

1 Answer

You can capture with the following command:

netsh trace start capture=yes tracefile=c:\temp\capture.etl

and stop with this one:

netsh trace stop

Then, you can open the ETL file with Microsoft Message Analyzer. If you want to read the events in Wireshark instead of Microsoft Message Analyzer, you can export them to a .CAP file: File -> Save As -> Export

Swisstone
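
An added example, not part of the original answer: the same netsh trace capture narrowed to UDP packets from the sending host, followed by a packet count read straight from the ETL file. The sender address 192.0.2.10, the 30-second window and the 100 MB size limit are placeholders chosen here, and the script assumes packet events are logged under the Microsoft-Windows-NDIS-PacketCapture provider.

```powershell
# Added example, not from the original answer. Run from an elevated PowerShell prompt.
param(
    [string]$SenderIp  = '192.0.2.10',           # placeholder: the Linux server's IPv4 address
    [int]$Seconds      = 30,                     # assumed capture window
    [string]$TraceFile = 'c:\temp\capture.etl'   # path used in the answer above
)

# Make sure the output folder exists before netsh tries to write to it.
$dir = Split-Path -Parent $TraceFile
if (-not (Test-Path $dir)) { New-Item -ItemType Directory -Path $dir | Out-Null }

# Start the capture, keeping only UDP packets whose source is the sender.
netsh trace start capture=yes overwrite=yes maxSize=100 Protocol=UDP `
    "IPv4.SourceAddress=$SenderIp" "tracefile=$TraceFile"
if ($LASTEXITCODE -ne 0) { throw "netsh trace start failed (exit code $LASTEXITCODE)" }

try {
    Start-Sleep -Seconds $Seconds
}
finally {
    # Always stop the session, otherwise the trace keeps running in the background.
    netsh trace stop
}

# Read the ETL and keep only packet events.
# Assumption: captured packets are logged by the NDIS packet capture provider.
$packets = @(Get-WinEvent -Path $TraceFile -Oldest -ErrorAction SilentlyContinue |
    Where-Object { $_.ProviderName -eq 'Microsoft-Windows-NDIS-PacketCapture' })

if ($packets.Count -gt 0) {
    $first = $packets[0].TimeCreated
    $last  = $packets[-1].TimeCreated
    Write-Output "Captured $($packets.Count) UDP packet events from $SenderIp ($first to $last)."
}
else {
    Write-Output "No UDP packets from $SenderIp were captured in $Seconds seconds."
}
```

Run it while the Linux server is sending, so the tcpdump output on the sender and the count on the Windows server cover the same time window.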