By now, pktcap-uw, the VMware tool to run flexible packet captures on ESXi hosts, including capturing VM vnic traffic, is old news. It’s great, but when I need to use it, I always have to take a minute to remember syntax and method. I’d rather spend my mental energy troubleshooting the networking issue that necessitated the packet capture in the first place.
So, I wrote a small helper script that enables this simple syntax:
$ ./capture-vm-traffic.sh start <vm-name>
$ ./capture-vm-traffic.sh stop
It generates three pcap files, for input, output, and drops. Get the script and instructions here: