Tag: connectivity

(2 Scripts)

Produces a native Windows network trace in etl format, downloads a signed Microsoft utility from GitHub and runs that to convert the etl file to a pcapng file that Wireshark can open.
After successful conversion the source etl trace will be deleted, leaving the converted file whose name and location will be in the output window.
Specifying output files on network shares may not work because the script needs to run as SYSTEM, which may not have access to them.
Address filters can be a comma-separated list of IP addresses or resolvable names; leave blank to not filter.
Protocol filters can be a comma-separated list of TCP, UDP, ICMP, IGMP; leave blank to not filter.
Ether type filters can be a comma-separated list of IPv4, IPv6, ARP, etc.; leave blank to not filter.
https://github.com/microsoft/etl2pcapng
Version: 1.2.20  •   Created: 2024-10-02  •   Modified: 2025-01-12
The script uses a web request to ifconfig.me to detect the public IP the machine is using.
The output will include the public IP only, or 0.0.0.0 if the web request fails.
Version: 1.1.2  •   Created: 2020-11-23  •   Modified: 2020-11-24