How can I use Packet Monitor in Windows 10?

To run the Packet Monitor, first, you need to open a Command Prompt Window.

  1. Press Ctrl + R to open Run and type cmd, then hit Enter or click the OK button.

  2. While in Command prompt, type pktmon.exe and hit Enter.

  3. You will see a list of possible commands. If you’re not familiar with them, you can use the help command. Type pktmon name of the command help. For example, the pktmon start help will show you the whole description of the command like in the picture below.

Some useful Pktmon command lines

  1. To filter a port for packages, you can use the pktmon filter add -p [port] command for each port you want to monitor. For instance, pktmon filter add -p 80 will filter the 80 port.
  2. To start monitoring packages type pktmon start –etw -m real-time.
  3. to stop the monitoring type pktmon stop. After you stopped monitoring, the report has been stored in the PktMon.etl file. To read that, you either download and install the Microsoft Network Monitor, or you can transform that into a text file. To do that, type pktmon format PktMon.etl -o reportlog.txt. Please leave us your comments in the section below.

SPONSORED Name * Email * Commenting as . Not you? Save information for future comments
Comment

Δ