How to collect and analyze Netmon logs

Ideally, we capture the traces between the client and the servers so that issues can be checked from a network perspective.

  • Choose either the 32-bit or the 64-bit installer, as per the machine's configuration
  • Install the executable
  • Hit Next
  • Install it and finish

Steps to capture Netmon logs:

Open Netmon using Run as administrator so that it can detect all of the machine's network adapters (NICs), and select all of them before capturing network logs.

After that, click New Capture and hit Start.

Reproduce the issue while Netmon is running in the background. Once the issue is reproduced, stop the trace.

Finally, save the logs: File → Save As → give a specific name → clientnetmonlogs → OK

Filters used for Netmon in order to read the logs

Below is the section where we have to apply filters.

e.g.

  • Ipv4.address=="client ip" and ipv4.address=="server ip"
  • Tcp.port==
  • Udp.port==
  • Icmp
  • Arp
  • Property.tcpretranmits
  • Property.tcprequestfastretransmits
  • Tcp.flags.syn==1
  • Tcp.flags.reset==1
  • tcp.port==5061 // SIP over TLS. This is used by most functions of OCS
  • && tcp.port==5060 // SIP over TCP
  • && tcp.port==5062 // Default SIP for the A/V edge
  • && tcp.port==5063 // Default SIP for the A/V Conferencing server
  • && tcp.port==443 // HTTPS, TCP STUN
  • && udp.port==3478 // UDP STUN
  • && tcp.port==8057 // PSOM
  • && tcp.port==135 // RPC endpoint mapper used on front end servers for WMI and DCOM
  • && dns
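
To show what the address-pair, SYN, reset and retransmit filters above pick out of a trace, here is an added example (not part of the original post, and not Netmon's own logic) that applies the same checks to a small constructed list of TCP segments. The record layout, the addresses and the retransmit rule are assumptions made for illustration; the port labels come from the list above.

```python
from collections import namedtuple

# One TCP segment as a capture tool would decode it (hypothetical record layout).
Seg = namedtuple("Seg", "src sport dst dport seq length flags")

# Port labels taken from the filter list above.
SERVICES = {5061: "SIP over TLS", 5060: "SIP over TCP", 443: "HTTPS, TCP STUN",
            8057: "PSOM", 135: "RPC endpoint mapper"}

CLIENT, SERVER = "10.0.0.5", "10.0.0.9"  # constructed addresses
# Constructed sample trace, not taken from a real capture.
SAMPLE = [
    Seg(CLIENT, 50100, SERVER, 5061, 1000, 0, {"SYN"}),
    Seg(CLIENT, 50100, SERVER, 5061, 1000, 0, {"SYN"}),           # SYN sent again
    Seg(SERVER, 5061, CLIENT, 50100, 7000, 0, {"SYN", "ACK"}),
    Seg(CLIENT, 50100, SERVER, 5061, 1001, 200, {"ACK", "PSH"}),
    Seg(CLIENT, 50100, SERVER, 5061, 1001, 200, {"ACK", "PSH"}),  # same bytes again
    Seg("10.0.0.77", 40000, SERVER, 443, 5, 0, {"SYN"}),          # other host, ignored
    Seg(SERVER, 5061, CLIENT, 50100, 7001, 0, {"RST"}),
]

def triage(segments, client, server):
    """Group 1-based frame numbers by what each filter would select."""
    hits = {"syn": [], "reset": [], "retransmit": [], "services": set()}
    seen = set()
    for number, s in enumerate(segments, 1):
        if {s.src, s.dst} != {client, server}:   # address-pair filter
            continue
        for port in (s.sport, s.dport):
            if port in SERVICES:
                hits["services"].add(SERVICES[port])
        if "SYN" in s.flags:
            hits["syn"].append(number)
        if "RST" in s.flags:
            hits["reset"].append(number)
        # Approximation: a segment that occupies sequence space (payload or SYN)
        # and repeats an already seen sequence number in the same direction.
        if s.length > 0 or "SYN" in s.flags:
            key = (s.src, s.sport, s.dst, s.dport, s.seq)
            if key in seen:
                hits["retransmit"].append(number)
            seen.add(key)
    return hits

if __name__ == "__main__":
    print(triage(SAMPLE, CLIENT, SERVER))
```

In this sample the repeated SYN and the repeated payload point to loss on the client-to-server path, and the final reset comes from the server side.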

Conclusion: After reading the above blog, I am now confident about how to capture and read the Netmon logs.


About Sushil G

Hi, my name is Sushil and I am an experienced content writer with a passion for technology. For the past 10 years, I have been specializing in Microsoft products like Azure AD, Exchange, Skype for Business (SFB), and Teams. My in-depth knowledge of these products has enabled me to help many individuals and businesses to achieve their goals by leveraging the power of Microsoft technology. As a content writer, I enjoy taking complex technical concepts and breaking them down into easy-to-understand language. I'm always eager to learn about the latest trends and advancements in the industry and share my knowledge and expertise with others. If you need help in understanding Microsoft products and maximizing their potential, I'm here to help.