How to get a Wireshark trace?
Overview
There are two tools that can be used for a TCP/IP network trace: Wireshark and netsh.The preferred method would be to use Wireshark, however if Wireshark cannot be installed, then netsh can be used.
Information to include when submitting a network trace to UiPath
- The IP address of the endpoints involved. For example, if tracing out a network connection to Orchestrator, we would need, the client IP address and the Orchestrator IP address.
- The IP address of the client can be found by opening a command prompt and running: ipconfig.
- Take a screenshot of the output and share that with UiPath.
- The IP address of Orchestrator can be found by opening a command prompt and running: nslookup
- i.e If the Orchestrator URL was https://orchestrator.uipath.devtest, then the command to run would be: nslookup orchestrator.uipath.devtest.
- Take a screenshot of the output and share that with UiPath.
- The IP address of the client can be found by opening a command prompt and running: ipconfig.
- Finally include the trace file. If the attachment is too big for email, let us know and we will make a drop box. (Or use Customer Portal).
Wireshark
- Install wireshark. https://www.wireshark.org/download.html
- Installing Wireshark Under Windows
- Just follow the default options.
- If it says a restart is needed, that probably is not true and that step can be skipped.
- Open wireshark.
- Select the interface to trace. Typically, this will be the Ethernet adapter (or if using wifi, it will be the Wi-Fi adapter.
- The icon has a heartbeat monitor graphic next to it and it is typically the most active one.
- The below screenshot has an example of what this may look like (the ethernet adapter number might not always be the same).
- After the adapter is selected, click the shark fin icon on the top right of the screen.
- This will trigger the capture.
- Reproduce the issue.
- Go back to wireshark and then click the stop icon (the red square icon next to the shark icon).
- Go to File->Save As... and save the capture.
- Send the capture to UiPath along with the additional information regarding the client and server IP address.
Netsh
If there is a need to capture a network trace of a client or server without installing Wireshark or Netmon this might be helpful. (This feature works on Windows 7/2008 R2 and above).
- Open an elevated command prompt and run: "netsh trace start persistent=yes capture=yes tracefile=%temp%\nettrace-boot.etl" (make sure you have a \temp directory or choose another location).
- Reproduce the issue or do a reboot if tracing a slow boot scenario.
- Open an elevated command prompt and run: "netsh trace stop"
- The trace will be stored in %temp%\nettrace-boot.etl**or wherever you saved it. The trace can be viewed using netmon: https://www.microsoft.com/en-us/download/4865
- Send the capture to UiPath along with the additional information regarding the client and server IP address.