netsh
Capture
netsh trace start capture=yes tracefile=C:\Users\Administrator\Documents\cap.etlStop
netsh trace stopConvert to PCAP
etl2pcapng.exe in.etl out.pcapngLast updated
netsh trace start capture=yes tracefile=C:\Users\Administrator\Documents\cap.etlnetsh trace stopetl2pcapng.exe in.etl out.pcapngLast updated