Or you can add an IP Address you want to target:
netsh trace start capture=yes IPv4.Address=X.X.X.X overwrite=no maxSize=500 tracefile=c:\MYCAP1.etl
=====Converting the ETL File:
The ETL file can be sent to anyone to convert it to a PCAP file for Wireshark viewing. The default maxSize is 250MB but it can be changed. You can obviously change the capture name and location if you want.
1. Microsoft Message Analyzer
This ETL file is converted using Microsoft Message Analyzer:
1. First open the ETL in MMA
2. Go to File, Save As, All Messages, Export to export it as a CAP
2. Microsoft Github Script ETL2PCAPNG
There’s now a free tool that will convert these ETL files to PCAPNG files.