Check out our new AWS podcast with Certified Expert, Phil Phillips! Listen to "How to Execute a Seamless AWS Migration" on EE or on your favorite podcast platform. Listen Now


Watch Windows 10:- Sniffer/Packet Capture

Posted on
6,207 Points
2 Endorsements
Last Modified:
Experience Level: Intermediate
Edward van Biljon
Experienced Messaging Specialist with a demonstrated history of working in the information technology and services industry.
In this video we show you how you can capture traffic in Windows 10 using a built-in app called pktmon. We also show you how you can convert the ETL created to a txt file so you can easily read the data.

Video Steps

1. Launch CMD

Click the start button and type in cmd and run it as administrator.

2. Run Start Command

In the window type in "pktmon start --etw.

3. Run Stop Command

In the same window, run "pktmon stop". This will stop the capture and create the file in location "C:\Windows\System32\pktmon.ETL"

4. Convert ETL to TXT

In the same window type in, "pktmon format PktMon.etl -o mylog.txt. You can now navigate to the location listed in Step 3 to view the TXT file.
  • 2
LVL 31

Expert Comment

by:Andrew Leniart
What an excellent video about a Windows 10 function I had no idea even existed. Thanks for this information Ed. Very useful!


Regards, Andrew
LVL 31

Expert Comment

by:Andrew Leniart

Suggested Videos

In a recent question here at Experts Exchange, a member wants to enhance an AutoHotkey script that performs "Title Case" conversion. The enhancement is to allow specification of words that are excluded from the capitalization (conjunctions and prepo…
In this article, I will show you HOW TO: Create your first Windows Virtual Machine on a VMware vSphere Hypervisor 7.0 (ESXi 7.0) Host Server, the Windows OS we will install is Windows Server 2019.

Keep in touch with Experts Exchange

Tech news and trends delivered to your inbox every month