Mastering Microsoft's CLI Packet Capture: Pktmon.exe for IT Pros
- Added 12. 02. 2023
- Pktmon.exe is a powerful packet capture tool that runs in PowerShell or CMD. Its strength is the ability to analyze complex network stacks, including virtualization, containers, and SDN. It is simple to use and has a powerful real-time display of traffic throughout the network stack. To discover problems that result in dropped packets, Packet Monitor can focus on just the dropped packets and why they were dropped. Drill down into your VPN circuits and see problems in real time. Windows Admin Center has an extension that brings some of the features of Packet Monitor into the GUI console. Azure Portal also allows the use of Packet Monitor for quick packet capture. Conversion tools allow your log files to be viewed in a text editor or Wireshark.
Handy link to Pktmon command syntax: learn.microsoft.com/en-us/win...
Please consider becoming a channel member:
• you get an early viewing of all our video content
• access to the complete series of videos for each subject
• links to video notes and PowerPoint slide deck both in MS-Word and PDF format
• Our eBook and resources folder
• Join our channel membership (it’s $2.99/month); see the “Join” button on our channel homepage. / @techsavvyproductions
"Everybody can be great... because anybody can serve. You don't have to have a college degree to serve. You don't have to make your subject and verb agree to serve. You only need a heart full of grace. A soul generated by love." Martin Luther King Jr.
Links to Documentation
PowerPoints in *.pptx format: docs.google.com/presentation/...
Slide Deck in PDF: drive.google.com/file/d/1RUxy...
Video Notes in *.docx: docs.google.com/document/d/1p...
Video Notes in PDF: drive.google.com/file/d/1FTRQ...
Pktmon quick reference: drive.google.com/file/d/1-h8q...
Check out our CZcams channel for more content!
CZcams: / vanderl2796
Check out our Website: www.techsavvyproductions.com
Mr.V Linkedin: / lowell-vanderpool-5797...
Email: mrvanderpool@techsavvyproductions.com
Quick Access to more videos on TechSavvyProductions Channel:
Troubleshooting Windows Lockups, Application Hangs, and Blue Screen of Death • IT Admins' Guide to Wi...
TPM 2.0 using Windows 11 and Windows 10 • TPM 2.0 Demystified: I...
Windows 10 Secure Boot: Sharpen your Security • Boot Up with Confidenc...
UEFI Explained: Windows 10 and UEFI • UEFI Explained: Windo...
Windows Recovery Environment WinRE: Explained • Windows Recovery Envir...
How to Rescue Data when Windows will not Boot • From Boot Failure to D...
Windows 10 startup problems: Fixing Boot Problems • Windows 10 startup pro...
Day 1: Troubleshooting Windows Applications. What is a process and What are threads? • Mastering Windows Appl...
Day 2: Troubleshooting Windows Applications. Types of Applications and Processes. • Troubleshooting Essent...
Day 3: Troubleshooting Windows Applications: Process States • Windows Application Tr...
Day 4: Process Explorer Metrics and Troubleshooting Windows Applications • Mastering Process Expl...
Day 5: A Look at Microsoft Store Apps and Why we don’t Troubleshoot them! • Troubleshooting Micros...
Day 6: Linux GUI Applications are coming to Windows • Linux GUI on Windows: ...
Day 7: Understanding Application *.DLL files • Cracking the Code: Day...
Windows Services: A Technical Look at Windows 11 and Server 2022 Part 1 • Windows 11 & Server 20...
Hyper-V Explained: Providing Network-Storage-Graphic performance in a Virtual Machine • Hyper-V Performance Wi...
Hyper-V: Understanding Virtual Machines • Demystifying Virtual M...
Hyper V: Advanced Topics Performance NUMA and Shielded VMs • Hyper-V Performance an...
Out of Band Server Management: A Look at HP iLO • Going Rogue: How Out o...
Troubleshooting Windows 10 and Windows 11 Using Task Manager • Task Manager Unveiled:...
Advanced Troubleshooting for Frozen/Lockup Computers/Servers and Applications • Resolving Windows Appl...
Troubleshooting Windows Lockups, Application Hangs, and Blue Screen of Death • IT Admins' Guide to Wi... - Science and technology
Just learning. Love this instruction. Awesome.
Thank you for your support!
I love the way you explain everything. You’re very kind and you take your time to teach us clearly. I am a computer support specialist student. I would like to be more than I thought.
May God bless you for all you’ve done for everyone who always watches your videos 🙌🏾
DAX blessings back at you!
Thank you again and again
Thanks for watching!
Some of these videos I have to watch twice to get to that hard core status
John, you're hard core!
Thanks @TechsavvyProductions. I would want to follow a dedicated channel like this on Centos Linux. Any recommendations Mr Vanderpool ?
czcams.com/users/thecentosproject Looks like they are making many product changes.
Hi, thank you for your work. Can you advise me on how to track why my Miracast Wi-Fi Direct connection is being dropped with some devices?
Great question on a subject that looks very interesting but I know too little about to help. I enjoy wireless technology but have not been paying attention to Wi-Fi Direct and Miracast. Need to start learning!
I added a LLDP filter to pktmon and wireshark
Wireshark shows all the LLDP info, port ID, switch name etc
PKTMON does not find any of the switch name and port info
any ideas why this would be ?
See if this article helps: alanjmcf.wordpress.com/2022/04/15/lldp-cdp-on-windows-with-no-extra-software/ Check out my latest video: "Windows 11/ Server 2022 kernel router and route table: How it works!" czcams.com/video/nQ2MBhFZXus/video.html
Let's say my server is in VLAN 888, how do you find the VLAN ID?
If I open the etl or txt I don't find the VLAN 888. Also, can it show CDP info like NIC01 is connected to switch "SwitchA" in port "01"?
Great question, I believe (not entirely sure) that type info is external to Microsoft network stack so you would have to fire up Wireshark.
I'd love to find a way to capture the VLAN tag. I've tried on switches with no luck. Even on Linux servers where the tag is created on the NIC, a tcpdump doesn't show them. @TechsavvyProductions
Please make video on Network stack
Working on it, it is a great review of the fundamentals and yet a great deal of complex topics. I hope to publish soon
Keep great videos going intro walkthrough real-world examples 😮👌 GREAT JOB SIR. Registry video has me following+ go windows 10 home edition after windows update doing infinite black hp spin circle restore point failed , dism error 2 and 3 after work hence two and three MALWARE my money corrupted.
Thank you for watching!
I'm trying to open pktmon in live mode. I'm typing pktmon start -c -o
But it shows no information under each column. What am I doing wrong?
I found the answer!
START pktmon
pktmon start -c --comp ##
[##the number of the interface]
THEN RUN
Pktmon counters --live
Awesome!