How to collect a packet capture on Windows without Wireshark

Environment:

• Wireshark
• Microsoft Windows Server 2012 and later
• Qlik Sense Enterprise on Windows 
• QlikView 
• Qlik NPrinting 

Qlik Technical Support has requested a packet capture, but your security policy or a warranty restriction prevents you from installing Wireshark.

Resolution:

Use the following steps to generate a packet capture in Windows 2012 and later.

1. Open a command-line session using Run as administrator.
2. Start the capture:
   Type netsh trace start capture=yes protocol=TCP and press Enter.
   NOTE: View the command output. The output lists where the capture is saved. 
3. Keep the command-line session open.
4. Reproduce your issue.
   NOTE: Technical Support strongly recommends that you list all IP addresses and hosts used in the session. 
5. Return to the open session or open a new command-line session using Run as administrator.
6. Stop the packet capture:
   Type netsh trace stop and press Enter. 
7. Navigate to the folder the session listed as the output location.
   The capture file is in ETL (Microsoft Tracelog) format. 
8. Copy the files from the output directory and send them to Qlik Technical Support.