Sniff traffic on Windows without using Wireshark
scenario: you do no have rights (formally) to install software on your managed Windows Server: from elevated prompt: netsh trace start capture=yes tracefile=C:\TEMP\trace1.etl persistent=yes maxsize=4096 #at the end of your network debugging operation: netsh trace stop copy your trace1.etl, open it with Microsoft Network Monitor : Microsoft Network Monitor 3.4 go to Tools>Options>Parser Profile. Select Windows and click on Set as Active. analyze network traffic.