According to Microsoft “Windows 7 also includes Unified Tracing to help identify and resolve network connectivity issues in a single tool. Unified Tracing collects event logs and captures packets across all layers of the networking stack, providing an integrated view into what’s happening in the Windows 7 networking stack and aiding analysis and problem resolution.”

What that says is that under the auspices of one analytical tool, you can get information about the network and other connectivity issues. It can collects network-related event logs and provide captures packets across all network layers.

To perform Unified Tracing, you need the Netsh command line command, and the Network Monitor tool, which can be downloaded from Microsoft. (See sources below) 

Part 1 Unified Tracing – Download the Network Monitor Tool:

Let us start with the Network Monitor tool, since this is a powerful tool that will be used to make the analysis. Microsoft Network Monitor 3.3 tool is used to capture and  perform protocol analysis of network traffic.

Download and install the version that is right for your system. There is an Itanium version (6.2 MB), a 64 bit version (5.2 MB), and a 32 bit version (5.0 MB).

Installing Microsoft Network Monitor 3.3

Microsoft Network Monitor 3.3

Now you are ready to load the etl file created with the Netsh command.

Part 2 Creating the etl file using Unified Tracing

First open the command prompt

Click Start then select Run

CMD

 An etl file will be created from the Netsh command. It will subsequently uploaded into the Network Monitor Tool.  

Run the the Netsh Command

The netsh command is used for the unified tracing operation available in Windows 7. You can use the Netsh.exe tool to perform the following tasks:

The syntax for the Netsh.exe tool is:netsh [-r router name] [-a AliasFile] [-c Context] [Command | -f ScriptFile]To learn how to use Netsh with its switches and parameters, type the context name followed by a space and a ? at the netsh> command prompt. Netsh /?. Or to display a list of subcontext and commands that can be used in the interface context, type Netsh Interface / ?

Netsh command: Netsh /? To view the switches and Parameters

Example #1To see an example of Netsh

netsh interface ip show config [This is similar to the netconfig command

Example #2 Netsh to trace network connections

Run the following commandNetsh trace start scenario = InternetClient tracefile=Windows7News.etl

netsh trace start scenario = InternetClient tracefile = Windows7News.etl

To stop the trace type: Netsh trace stop

Part 3: Launch Microsoft Network Monitor

Open Microsoft Network Monitor and select file -> open -> capture -> msn.etl (in the folder that it was created saved in.)

Network Conversations – Details of Windows7News.com trace

This will show the network trace to the Windows7News.com site. The network monitor tool breaks down the activity frame by frame.  Here are some of the features available in the tool.

You can also create a capture on the local computer network.Go to New Capture -> Press Start (F5)

The network monitor tool works with Netsh to provide information about network connections. Netsh, the command line tool has many switches and parameters. The GUI interface uses the information created by the netsh operation, an etl file and puts it in readable format in the GUI interface.