GithubHelp home page GithubHelp logo

tksh164 / ndisetl2pcap Goto Github PK

View Code? Open in Web Editor NEW
0.0 3.0 1.0 23 KB

Convert from the network trace file by netsh to the pcap file.

License: MIT License

C# 100.00%
netsh network-trace pcap event-tracing-for-windows ndis

ndisetl2pcap's Introduction

NdisEtl2Pcap

NdisEtl2Pcap converts from the network trace file that creates by the netsh command to the pcap file.

Installation

Download the zip file from release. After that extract the executable file from the zip file.

Requirements

  • .NET Framework 4.7 or later

Usage

NdisEtl2Pcap.exe <Input ETL File Path> <Output PCAP File Path>

Example:

>NdisEtl2Pcap.exe netsh-trace.etl netsh-trace.pcap
TotalEventRecordCount: 616557
TotalNdisEventRecordCount: 616460
OldestNdisEventRecordTimestamp: 4/11/2018 10:30:40 AM
NewestNdisEventRecordTimestamp: 4/11/2018 12:30:39 PM
Elapsed: 00:00:04.8648188

Capture network trace using the netsh command

You can create a network trace etl file using the netsh trace command. Since Windows 7/Windows Server 2008 R2, the netsh command has trace sub-command. Details are here.

Example:

>netsh trace start capture=yes report=disabled correlation=disabled maxSize=500 traceFile="C:\temp\nettrace.etl"

Trace configuration:
-------------------------------------------------------------------
Status:             Running
Trace File:         C:\temp\nettrace.etl
Append:             Off
Circular:           On
Max Size:           500 MB
Report:             Disabled

>netsh trace stop
Merging traces ... done
File location = C:\temp\nettrace.etl
Tracing session was successfully stopped.

Related

License

Copyright (c) 2018-present Takeshi Katano. All rights reserved. This software is released under the MIT License.

Disclaimer: The codes stored herein are my own personal codes and do not related my employer's any way.

ndisetl2pcap's People

Contributors

tksh164 avatar

Watchers

avatar avatar avatar

Forkers

phxdesign

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.