Usually we use Wireshark to capture network packets on a network to see if there are problems with particular types of data able to be collected.

Sometimes it is not possible to install applications on servers at the last minute because of security policies regarding application installs needing approval first.

This option can capture the same data using the built-in tool NETSH.  NetSH is a command line network configuration tool that can also be u sed to trace data packets coming to and from the server.

To use the NETSH command to capture packets coming across your server:

1. Open Admin command prompt

2. Run the command

Netsh trace start capture=yes tracefile=c:\temp\<Filename>.etl maxsize=1024 filemode=circular

This will output the capture to a file with an .etl extemsion.

3. to stop the capture, enter the command:

Netsh trace stop

4. Copy the .etl file created by trace and send to support or upload to support case.