Export (0) Print
Expand All

Network Event Packet Capture Cmdlets in Windows PowerShell

Windows Server 2012 R2 and Windows 8.1

Updated: October 17, 2013

Applies To: Windows 8.1, Windows PowerShell 4.0, Windows Server 2012 R2

Windows PowerShell® is a task-based command-line shell and scripting language designed especially for system administration. This reference topic for the information technology (IT) professional provides assistance in utilizing the Windows PowerShell cmdlets to script and automate tasks.

NetEventPacketCapture Cmdlets

This reference provides cmdlet descriptions and syntax for all NetEventPacketCapture cmdlets. It lists the cmdlets in alphabetical order based on the verb at the beginning of the cmdlet.

 

Cmdlet Description

Add-NetEventNetworkAdapter

Adds a network adapter as a filter on a provider.

Add-NetEventPacketCaptureProvider

Adds a Remote Packet Capture provider.

Add-NetEventProvider

Adds an ETW provider to a session.

Add-NetEventVm

Adds a virtual machine as a filter on a provider.

Add-NetEventVmNetworkAdapter

Adds a virtual network adapter as a filter on the provider.

Add-NetEventVmSwitch

Adds a Hyper-V virtual switch as a filter on a provider.

Get-NetEventNetworkAdapter

Gets the network adapters associated with a Remote Packet Capture provider.

Get-NetEventPacketCaptureProvider

Displays a Remote Packet Capture provider.

Get-NetEventProvider

Displays the ETW providers that are present on the computer or associated with an event and packet capture session.

Get-NetEventSession

Gets network event sessions.

Get-NetEventVm

Gets virtual machines from a provider.

Get-NetEventVmNetworkAdapter

Gets virtual network adapters from a provider.

Get-NetEventVmSwitch

Gets Hyper-V virtual switches from a provider.

New-NetEventSession

Creates a network event session.

Remove-NetEventNetworkAdapter

Removes network adapters associated with a provider.

Remove-NetEventPacketCaptureProvider

Removes the Remote Packet Capture provider and deletes the settings.

Remove-NetEventProvider

Removes an ETW provider from a session.

Remove-NetEventSession

Removes a network event session.

Remove-NetEventVm

Removes virtual machines from a provider.

Remove-NetEventVmNetworkAdapter

Removes virtual network adapters from a provider.

Remove-NetEventVmSwitch

Removes Hyper-V virtual switches from a provider.

Set-NetEventPacketCaptureProvider

Modifies the configuration for a Remote Packet Capture provider.

Set-NetEventProvider

Modifies settings for an ETW provider.

Set-NetEventSession

Modifies a network event session.

Start-NetEventSession

Starts event and packet capture for a network event session.

Stop-NetEventSession

Stops event and packet capture for a network event session.

noteNote
To list all the cmdlets that are available, use the Get-Command –Module NetEventPacketCapture cmdlet.

For more information about, or for the syntax of, any of the cmdlets, use the Get-Help <cmdlet name> cmdlet, where <cmdlet name> is the name of the cmdlet that you want to research. For more detailed information, you can run any of the following cmdlets:

Get-Help <cmdlet name> -Detailed
Get-Help <cmdlet name> -Examples
Get-Help <cmdlet name> -Full

 

Was this page helpful?
(1500 characters remaining)
Thank you for your feedback
Show:
© 2014 Microsoft