Wireshark-users: [Wireshark-users] Opening a netsh trace capture in Wireshark shows nothing - is
Date Prev
·
Date Next
·
Thread Prev
·
Thread Next
Date Index
·
Thread Index
·
Other Months
·
All Mailing Lists
From
: Kurt Buff <
kurt.buff@xxxxxxxxx
>
Date
: Thu, 22 Mar 2018 17:33:21 -0700
All,
I used the native netsh facility on a Win10 1607 box to capture an .etl file during (wireless) bootup, to see if I could figure out a problem we're having with either DNS or Group Policy (can't figure out which yet)..
I saved it off, and on another box I used MSFT MessageAnalyzer (1.4) to export that to a .cap file so that I could open it in Wireshark (2.4.5), per this article
https://blogs.technet.microsoft.com/yongrhee/2013/08/16/so-you-want-to-use-wireshark-to-read-the-netsh-trace-output-etl/
Some STFW indicates that necessary dissectors for wifi aren't available in Wireshark
Is this still true, or am I missing a configuration setting or dissector import that would reveal the packets?
Thanks,
Kurt
Prev by Date:
[Wireshark-users] Wireshark 2.5.1 is now available
Previous by thread:
[Wireshark-users] Wireshark 2.5.1 is now available
Index(es):
Date
Thread