Applies to: Windows Server (Semi-Annual Channel), Windows Server 2019, Windows 10, Azure Stack HCI, Azure Stack Hub, Azure

Packet Monitor (Pktmon) is an in-box, cross-component network diagnostics tool for Windows. It can be used for packet capture, drop detection, filtering, and counting. Pktmon is especially helpful in virtualization scenarios such as container networking and SDN, because it provides visibility within the networking stack.


pktmon { filter | comp | reset | counters | format | list | start | stop | pcapng | unload | help } [options]


Command Description
pktmon filter Manage packet filters.
pktmon comp Manage registered components.
pktmon reset Reset counters to zero.
pktmon counters Query packet counters.
pktmon format Convert log file to text.
pktmon list List all active components.
pktmon start Start packet monitoring.
pktmon stop Stop packet monitoring.
pktmon pcapng Convert log file to pcapng format.
pktmon unload Unload pktmon driver.
pktmon help Displays a short summary of subcommands.

Additional References