The capture process
Applies To: Windows Server 2003, Windows Server 2003 R2, Windows Server 2003 with SP1, Windows Server 2003 with SP2
The capture process
The process by which Network Monitor copies frames is referred to as capturing. You can capture all network traffic to and from the local network adapter, or you can set a capture filter and capture a subset of frames. You can also specify a set of conditions that trigger an event. If you create triggers, Network Monitor can respond to events on your network. For example, you can make the operating system start an executable file when Network Monitor detects a particular set of conditions on the network. After you have captured data, you can view it. Network Monitor translates the raw capture data into its logical frame structure.
While Network Monitor captures frames from the network, statistics about the frames appear in the Capture window, which has four panes:
| Pane | Displays |
|---|---|
A graphical representation of frames sent to or from the local computer. |
|
Statistics about current individual sessions. |
|
Statistics about frames sent to or from the computer running Network Monitor. |
|
Summary statistics about frames sent to or from the local computer since the capture process began. |
Network Monitor uses the Network Driver Interface Specification (NDIS) facility to copy all frames it detects to its capture buffer.
For detailed instructions on capturing network data, see Capture network frames.