How to collect and analyze Netmon logs

Ideally, we capture the logs between the client and the servers in order to check issues from a network perspective.
Analyze Netmon logs
- Download Netmon from this link: https://www.microsoft.com/en-us/download/4865
![How to collect and analyze Netmon logs How to collect and analyze Netmon logs](https://topicstalk.com/wp-content/uploads/2014/08/How-to-collect-and-analyze-Netmon-logs.jpg)
- Choose either 32-bit or 64-bit as per the machine's configuration
![How to collect and analyze Netmon logs collect and analyze Netmon logs](https://topicstalk.com/wp-content/uploads/2014/08/collect-and-analyze-Netmon-logs.jpg)
- Install executable
![How to collect and analyze Netmon logs Netmon logs](https://topicstalk.com/wp-content/uploads/2014/08/Netmon-logs.jpg)
![How to collect and analyze Netmon logs analyze Netmon logs](https://topicstalk.com/wp-content/uploads/2014/08/analyze-Netmon-logs.jpg)
- Hit Next
![How to collect and analyze Netmon logs collect analyze Netmon logs](https://topicstalk.com/wp-content/uploads/2014/08/collect-analyze-Netmon-logs.jpg)
- Install it and finish
Steps to capture Netmon logs:
Open Netmon using Run as administrator so that it can detect all network adapters (NICs) on the machine, and select all of them before capturing network logs.
![How to collect and analyze Netmon logs Steps to capture Netmon logs](https://topicstalk.com/wp-content/uploads/2014/08/Steps-to-capture-Netmon-logs.jpg)
After that, click New Capture and hit Start.
![How to collect and analyze Netmon logs capture Netmon logs](https://topicstalk.com/wp-content/uploads/2014/08/capture-Netmon-logs-1.jpg)
Reproduce the issue while Netmon is running in the background. Once the issue is reproduced, stop the trace.
![How to collect and analyze Netmon logs capture Netmon logs](https://topicstalk.com/wp-content/uploads/2014/08/capture-Netmon-logs-2.jpg)
Finally, save the logs: File → Save As → give a specific name → clientnetmonlogs → OK
Filters used for Netmon in order to read the logs
Below is the section where we apply filters.
![How to collect and analyze Netmon logs capture Netmon log](https://topicstalk.com/wp-content/uploads/2014/08/capture-Netmon-logs-3.jpg)
e.g.
- Ipv4.address==<client ip> and ipv4.address==<server ip>
- Tcp.port==
- Udp.port==
- Icmp
- Arp
- Property.tcpretransmits
- Property.tcprequestfastretransmits
- Tcp.flags.syn==1
- Tcp.flags.reset==1
```
// Matches traffic on any of the ports below
tcp.port==5061      // SIP over TLS. This is used by most functions of OCS
|| tcp.port==5060   // SIP over TCP
|| tcp.port==5062   // Default SIP for the A/V edge
|| tcp.port==5063   // Default SIP for the A/V Conferencing server
|| tcp.port==443    // HTTPS, TCP STUN
|| udp.port==3478   // UDP STUN
|| tcp.port==8057   // PSOM
|| tcp.port==135    // RPC endpoint mapper used on front end servers for WMI and DCOM
|| dns
```
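As an added example (not part of the original post, and not how Netmon computes its own properties), the Python below applies the same checks as the client/server address, SYN, reset and retransmit filters to constructed frame records. The tuple layout, the sample addresses, the `triage` function and the rule "same flow and sequence number seen twice" for a retransmit are assumptions made for the illustration.

```python
# Added example: constructed frame records, not taken from a real capture.
# Layout (an assumption): (frame no, src ip, src port, dst ip, dst port,
#                          TCP flags, sequence number, payload length)
FRAMES = [
    (1, "10.0.0.5", 50100, "10.0.0.20", 5061, "S", 1000, 0),
    (2, "10.0.0.20", 5061, "10.0.0.5", 50100, "SA", 9000, 0),
    (3, "10.0.0.5", 50100, "10.0.0.20", 5061, "A", 1001, 0),
    (4, "10.0.0.5", 50100, "10.0.0.20", 5061, "PA", 1001, 200),
    (5, "10.0.0.5", 50100, "10.0.0.20", 5061, "PA", 1001, 200),  # same seq sent again
    (6, "10.0.0.5", 50101, "10.0.0.20", 5060, "S", 4000, 0),
    (7, "10.0.0.5", 50101, "10.0.0.20", 5060, "S", 4000, 0),     # SYN sent again
    (8, "10.0.0.20", 443, "10.0.0.5", 50102, "R", 7000, 0),
    (9, "10.0.0.9", 50103, "10.0.0.20", 5061, "S", 100, 0),      # different client
]


def triage(frames, client, server):
    """Return frame numbers of retransmits, resets and unanswered SYNs
    in the conversation between client and server."""
    result = {"retransmit": [], "reset": [], "unanswered_syn": []}
    seen = set()       # (flow, seq) of segments that occupy sequence space
    first_syn = {}     # flow -> frame number of its first bare SYN
    answered = set()   # flows whose SYN received a SYN+ACK
    for no, src, sport, dst, dport, flags, seq, length in frames:
        if {src, dst} != {client, server}:
            continue                       # conversation filter on both addresses
        flow = (src, sport, dst, dport)
        if length > 0 or "S" in flags:     # pure ACKs and RSTs are not tracked
            if (flow, seq) in seen:
                result["retransmit"].append(no)
            seen.add((flow, seq))
        if "R" in flags:
            result["reset"].append(no)
        if flags == "S":
            first_syn.setdefault(flow, no)
        elif "S" in flags and "A" in flags:
            answered.add((dst, dport, src, sport))   # key by the requester's flow
    result["unanswered_syn"] = sorted(
        no for flow, no in first_syn.items() if flow not in answered)
    return result


if __name__ == "__main__":
    print(triage(FRAMES, "10.0.0.5", "10.0.0.20"))
```

A SYN that is repeated and never answered points at a port that is blocked or not listening on the path between the two hosts, which is why it is reported separately from ordinary data retransmits.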
Conclusion: After reading the above blog, I am now confident about how to capture and read the Netmon logs.