netsh
Capture
netsh trace start capture=yes tracefile=C:\Users\Administrator\Documents\cap.etlStop
netsh trace stopConvert to PCAP
https://github.com/microsoft/etl2pcapng
etl2pcapng.exe in.etl out.pcapngLast updated
netsh trace start capture=yes tracefile=C:\Users\Administrator\Documents\cap.etlnetsh trace stophttps://github.com/microsoft/etl2pcapng
etl2pcapng.exe in.etl out.pcapngLast updated