Troubleshooting network issues can feel like chasing ghosts, especially when you’re dealing with intermittent latency or app timeouts in complex environments. Enter ControlUp and the Generate Network Trace script, one of our many out-of-the-box scripts and automations that help you solve these problems and automate the fix for the future.
This PowerShell script automates the creation of a native Windows network trace in .etl format, then converts it into a .pcapng file using Microsoft’s official converter so that you can analyze it directly in Wireshark.
Why it’s useful:
- Captures real-time network traffic for deep inspection.
- Filters by IP, protocol (TCP, UDP, ICMP), and packet types (IPv4, IPv6, ARP).
- Helpful in identifying handshake issues, packet loss, or app-level problems.
- Designed to run as SYSTEM to capture low-level data, but warns that network shares may block this.
This script provides a precise view of what’s happening on the wire, whether you are isolating dropped connections, chasing TLS handshake failures, or validating firewall rules.
The script was built by @Guy Leech and is available directly in the ControlUp Script Library. It requires admin rights and a bit of familiarity with PowerShell and Wireshark, but it gives you complete control over what’s captured and how it’s filtered.
Learn more: https://www.controlup.com/script-library-posts/generate-network-trace/
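The capture-then-convert workflow described above can be sketched by hand as follows. This is an added example, not the ControlUp script or Guy Leech's code: it assumes the native trace is taken with `netsh trace` and converted with Microsoft's etl2pcapng, and the function names, the converter path `C:\Tools\etl2pcapng.exe` and the sample address are hypothetical.

```powershell
#Requires -RunAsAdministrator
# Added illustration (not the ControlUp script): build netsh capture filters,
# record an .etl trace for a fixed time, then convert it to .pcapng.

function New-TraceFilter {
    param(
        [ipaddress]$IPAddress,
        [ValidateSet('TCP','UDP','ICMP')][string[]]$Protocol,
        [ValidateSet('IPv4','IPv6','ARP')][string[]]$PacketType
    )
    $protoNumber = @{ TCP = 6; UDP = 17; ICMP = 1 }            # IANA protocol numbers (ICMP = ICMPv4)
    $etherType   = @{ IPv4 = '0x0800'; IPv6 = '0x86DD'; ARP = '0x0806' }
    # netsh accepts a single value or a parenthesised list, e.g. Protocol=(6,17)
    $fmt = { param($name, $values) if ($values.Count -gt 1) { "$name=($($values -join ','))" } else { "$name=$($values[0])" } }
    $filters = @()
    if ($IPAddress) {
        $key = if ($IPAddress.AddressFamily -eq 'InterNetworkV6') { 'IPv6.Address' } else { 'IPv4.Address' }
        $filters += "$key=$IPAddress"
    }
    if ($Protocol)   { $filters += & $fmt 'Protocol'      @($Protocol   | ForEach-Object { $protoNumber[$_] }) }
    if ($PacketType) { $filters += & $fmt 'Ethernet.Type' @($PacketType | ForEach-Object { $etherType[$_] }) }
    $filters
}

function Invoke-NetworkTrace {
    param(
        [int]$Seconds = 30,
        [string]$OutDir = $env:TEMP,                           # local path: a SYSTEM-run capture may be blocked on network shares
        [string]$Converter = 'C:\Tools\etl2pcapng.exe',        # hypothetical install location
        [string[]]$Filter
    )
    if (-not (Test-Path $Converter)) { throw "Converter not found: $Converter" }
    $etl  = Join-Path $OutDir ('trace_{0:yyyyMMdd_HHmmss}.etl' -f (Get-Date))
    $pcap = [IO.Path]::ChangeExtension($etl, '.pcapng')

    & netsh.exe trace start capture=yes report=disabled "tracefile=$etl" maxsize=512 @Filter | Out-Host
    if ($LASTEXITCODE -ne 0) { throw "netsh trace start failed (exit code $LASTEXITCODE)" }
    try     { Start-Sleep -Seconds $Seconds }
    finally { & netsh.exe trace stop | Out-Host }              # always stop, even if interrupted

    & $Converter $etl $pcap | Out-Host
    if ($LASTEXITCODE -ne 0) { throw "etl2pcapng failed (exit code $LASTEXITCODE)" }
    $pcap                                                      # path to open in Wireshark
}

# Constructed sample: 60 seconds of TCP traffic to or from 192.0.2.10
$filter = New-TraceFilter -IPAddress 192.0.2.10 -Protocol TCP -PacketType IPv4
Invoke-NetworkTrace -Seconds 60 -Filter $filter
```

Filtering at capture time keeps the trace small, but anything excluded there cannot be recovered later in Wireshark, so capture broadly when the failing flow is not yet known.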
If you have questions, please join our community. You can ask us about our scripts, our automations, or anything else. We are here to help you! Join us today!