Sysinternals
Advanced system utilities to manage, troubleshoot, and diagnose Windows and Linux systems and applications.
1,169 questions
Procmon Boot-Logging and Network traffic
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(128, 45%, 22%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EK%3C/text%3E%3C/svg%3E)
k3llyd
15
Reputation points
I have a freshly loaded and patch win11 22H2 device. I can use procmon to capture and see network summary and traffic all day long. if I setup boot-logging and reboot the device and force network traffic once the device is backup up and then go into procmon to look at the newly created boot log, i don't see any network traffic. All filters are turned off etc. Anyone else have a similar experience? I know the device is sending packets as I can see them on a tap port on my switch. Is boot-logging and network capture aspect not a working feature?
Sysinternals
{count} votes
-
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(176, 61%, 27%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ETJ%3C/text%3E%3C/svg%3E)
Tarjei Jensen 0 Reputation points2024-03-01T09:35:09.7533333+00:00 I try to filter with Operation begins with TCP and include. It excludes everything.
Sign in to comment
1 answer
Sort by: Most helpful
-
Deleted
This answer has been deleted due to a violation of our Code of Conduct. The answer was manually reported or identified through automated detection before action was taken. Please refer to our Code of Conduct for more information.
Comments have been turned off. Learn more