Tip of the Day: Running a Network Trace on Nano Server

Today’s Tip…

As diagnostic tools such as Netsh trace, Tracelog.exe, and Logman.exe are not available in Nano Server, you must use Windows PowerShell Network Event Packet Capture Cmdlets to gather network traces.

After setting up a remote PowerShell session, there are six basic steps required to perform a network trace:

  1. Add a new network event session with New-NetEventSession
  2. Add a network event provider to the session with New-NetEventPacketCaptureProvider (see note below)
  3. Start the session with Start-NetEventSession
  4. Get information about the session with Get-NetEventSession
  5. Stop the network event session with Stop-NetEventSession
  6. Remove the network event session with Remove-NetEventSession

Note - Add-NetEventProvider can also be used when taking a local event capture; however, the New-NetEventPacketCaptureProvider command adds the options for a Remote Capture provider.
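
The six steps run end to end from an administrative workstation, as an added example that is not part of the original tip. The computer name, session name, file paths, capture duration and filter address are assumed placeholders. For step 2 it calls Add-NetEventPacketCaptureProvider, the packet capture provider cmdlet exposed by the NetEventPacketCapture module.

```powershell
# Added example. All names, paths and addresses below are assumed placeholders.
$computer    = 'NANO01'                   # hypothetical Nano Server host
$sessionName = 'NanoTrace'                # hypothetical session name
$etlPath     = 'C:\Traces\NanoTrace.etl'  # hypothetical path on the Nano Server

# Remote PowerShell session to the Nano Server
$session = New-PSSession -ComputerName $computer -Credential (Get-Credential)

Invoke-Command -Session $session -ArgumentList $sessionName, $etlPath -ScriptBlock {
    param($Name, $Path)

    # Make sure the output folder exists before the session tries to write to it
    New-Item -ItemType Directory -Path (Split-Path $Path) -Force | Out-Null

    # Step 1: create the session; MaxFileSize (in MB) bounds disk use on the small Nano image
    New-NetEventSession -Name $Name -CaptureMode SaveToFile `
        -LocalFilePath $Path -MaxFileSize 256 | Out-Null

    # Step 2: add the packet capture provider. TruncationLength keeps only the
    # first 128 bytes of each packet (headers, little payload), and IpAddresses
    # restricts the capture to one peer (192.0.2.10 is a documentation address).
    Add-NetEventPacketCaptureProvider -SessionName $Name -Level 4 `
        -CaptureType Physical -TruncationLength 128 `
        -IpAddresses '192.0.2.10' | Out-Null

    try {
        # Step 3: start capturing
        Start-NetEventSession -Name $Name

        # Step 4: confirm the session is running and where it writes
        Get-NetEventSession -Name $Name |
            Select-Object Name, SessionStatus, CaptureMode, LocalFilePath, MaxFileSize

        # Reproduce the problem while the trace runs (60 seconds is an assumed window)
        Start-Sleep -Seconds 60
    }
    finally {
        # Steps 5 and 6: always stop and remove the session, even if the capture failed
        Stop-NetEventSession -Name $Name -ErrorAction SilentlyContinue
        Remove-NetEventSession -Name $Name
    }
}

# Pull the trace back for analysis, then close the remote session
Copy-Item -FromSession $session -Path $etlPath -Destination .\NanoTrace.etl
Remove-PSSession $session
```

The resulting .etl file holds captured traffic, so store it with the same access controls as the systems it was taken from and delete the copy left on the Nano Server once it has been retrieved.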

 

See the following resources for more information and examples on the use of PowerShell Network Event Cmdlets:

Network Event Packet Capture Cmdlets in Windows PowerShell

Packet Sniffing with PowerShell: Getting Started