TIC Talk Blogs


Tool Tip: How to Capture a Windows Network Trace Using netsh

January 21, 2020 by TIC Talk Blog

One of our clients needed to research an intermittent network issue that occurred between a Windows Server web application and the NonStop. Because the problem occurred intermittently, network traces had to be run continuously.

Most of you are probably familiar with Wireshark, the free Windows tool used for capturing network traces for offline analysis. It is the same tool that can be used to analyze NonStop CLIM traces, which are in Wireshark .cap file format.  Wireshark is a wonderful tool that is easy to use, but there are times when its use may be limited.

For example:

  1. Wireshark needs to be installed. In some organizations, the user doesn’t have admin rights to install new programs on the desktop. The user has to submit a request, which has to be approved. After approval, the installation is scheduled and performed by network administrators. This can turn into a long, drawn-out process.
  2. Wireshark is known to use a lot of memory during capture. If you decide to run a Wireshark trace continuously to try to capture an intermittent problem, Wireshark could eat up most of the available memory of your computer.

Running Wireshark continuously could be quite taxing on your computer’s resources, and it is not sustainable. That’s when a tool like Microsoft’s netsh utility is necessary.

What is netsh?

netsh (network shell) is a command-line scripting utility that allows you to display or modify the network configuration of a computer that is currently running. netsh commands can be typed at the netsh prompt, and they can be used in batch files or scripts. Both the local computer and remote computers can be configured with netsh commands. One common use of netsh is to capture network traces.

How to use netsh in 3 quick steps

1. Start a trace: netsh trace start capture=yes

2. Stop a trace: netsh trace stop

Note: It may take a long time for the “Generating data collection…” step to complete. Be patient and wait until “done” appears.

3. Analyze a trace: Use Microsoft Message Analyzer to import the .etl file

Note: It may take a while for the analyzer to ingest the file and make it ready for analysis.
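
For the continuous-capture case described at the top of this post, the following PowerShell script is an added example (not part of the original article) that starts a size-bounded, circular netsh trace filtered to one peer, so the capture can run unattended without filling the disk. It must be run from an elevated session; the trace folder, the 512 MB cap and the peer address 192.0.2.10 are placeholder assumptions.

```powershell
# Added example: bounded, continuous capture with netsh trace.
# Assumptions (not from the article): the trace folder, the size cap and the
# peer address 192.0.2.10 (documentation-range placeholder for the NonStop host).
param(
    [string]$TraceDir  = 'C:\Traces',
    [string]$PeerIp    = '192.0.2.10',
    [int]   $MaxSizeMB = 512,
    [switch]$Stop
)

# netsh trace requires an elevated session; fail early with a clear message.
$identity  = [Security.Principal.WindowsIdentity]::GetCurrent()
$principal = New-Object Security.Principal.WindowsPrincipal($identity)
if (-not $principal.IsInRole([Security.Principal.WindowsBuiltInRole]::Administrator)) {
    throw 'Run this script from an elevated PowerShell session.'
}

if ($Stop) {
    # Stopping flushes the .etl file; this can take a while on large traces.
    netsh trace stop
    exit $LASTEXITCODE
}

# Traces contain packet payloads: limit the folder to Administrators and SYSTEM.
New-Item -ItemType Directory -Path $TraceDir -Force | Out-Null
icacls $TraceDir /inheritance:r /grant:r '*S-1-5-32-544:(OI)(CI)F' '*S-1-5-18:(OI)(CI)F' | Out-Null

$traceFile = Join-Path $TraceDir ('{0}_{1:yyyyMMdd_HHmmss}.etl' -f $env:COMPUTERNAME, (Get-Date))

# filemode=circular + maxsize : oldest data is overwritten once the cap is reached
# IPv4.Address               : capture only traffic to or from the peer
# persistent=yes             : the trace resumes after a reboot
netsh trace start capture=yes "tracefile=$traceFile" filemode=circular "maxsize=$MaxSizeMB" `
    "IPv4.Address=$PeerIp" report=disabled persistent=yes overwrite=yes
if ($LASTEXITCODE -ne 0) { throw "netsh trace start failed with exit code $LASTEXITCODE" }
netsh trace show status
```

Run the script again with -Stop as soon as the intermittent problem has been observed, because a circular trace keeps only the most recent data up to the size cap.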

Summary

Wireshark is still the “go-to” tool for analyzing network traffic. However, a tool like netsh is a good alternative if you’re having problems with Wireshark.


Phil Ly is the president and founder of TIC Software, a New York-based company specializing in software and services that integrate NonStop with the latest technologies, including Web Services, .NET and Java. Prior to founding TIC in 1983, Phil worked for Tandem Computer in technical support and software development.


One comment

  1. Igor says:
    February 24, 2020 at 6:39 am

    Nice article Phil! It might be interesting and useful in the future.

    But … “Microsoft Message Analyzer – Retirement Notice”
    https://docs.microsoft.com/en-us/openspecs/blog/ms-winintbloglp/dd98b93c-0a75-4eb0-b92e-e760c502394f

    Of course MMA can still be found on the Internet… 😉
