How do i monitor network traffic on Windows from the command line

后端 未结 4 2391
再見小時候
再見小時候 2021-02-20 14:33

How do i monitor network traffic on Windows from the command line; specifically the download/upload speeds and amount of data uploaded/downloaded ? Is there a script /batch for

相关标签:
4条回答
  • 2021-02-20 14:37

    While tshark is really powerful if you want to have fine grained statistics (according to hosts, protocols, ...), it has the main drawback to gather statistics during the time period it is running. As such, it is only good at reporting "instant" statistics but not to report poll traffic at regular points in time to have a view of how your network traffic changes along the day, week, ...

    Moreover, as tshark makes packets capturing, there is some overhead.

    So, according to your needs, you might be interested in the MS Windows net or netstat commands (netstat has option to report statistics by protocol). 'net statistics [Server|workstation]' or 'netstat [-e|-s]' are, as far as network traffic statistics are concerned, the MS Windows equivalents of Linux 'ifconfig' (or 'cat /proc/net/dev' if you prefer).

    Note that, as ifconfig do, net or netstat only report amount of data since the interface has been brought up.

    In order to obtain traffic rates, you've got to timestamp your calls to those commands and do the computation yourself.

    AFAIK, both commands are shipped with all recent MS Windows versions.

    0 讨论(0)
  • 2021-02-20 14:49

    I'm updating the answer for a more complete an accurate one, using netsh command, and some string operations to avoid Windows 32bits integer overflow.

    Remember you need to run netsh interface ip show subinterfaces and check what is the line of your network adapter. The following batch file uses the 4th string line, that's the 1st adapter listed.

    It checks the speed every 10 seconds. If your upload or download speed is up to 100 MBytes per seconds, you need to repeat the loop more often (for example every 1 second).

    It creates a .csv file too. Remove that last line if you don't need it.

    The batch file:

    @ECHO off
    SETLOCAL ENABLEDELAYEDEXPANSION
    
    set TAB=    
    echo Timestamp%TAB%Down bytes%TAB%Up bytes%TAB%Down speed%TAB%Up speed
    
    :looptask
    
    :: Store console command result
    SET count=1
    ::FOR /F "tokens=* USEBACKQ" %%F IN (`netstat -e`) DO (
    FOR /F "tokens=* USEBACKQ" %%F IN (`netsh interface ip show subinterfaces`) DO (
      SET string!count!=%%F
      SET /a count=!count!+1
    )
    
    :: *** Change string number to the line with your interface data ***
    set line=%string4%
    :: For ME, bytes transfered line is string3 using netstat and string4 using netsh
    
    :: Get rid of the whitespaces 
    :loopreplace
    if defined line (
      set "new=!line:  = !"
      if "!new!" neq "!line!" (
        set "line=!new!"
        goto :loopreplace
      )
    )
    if defined line if "!line:~0,1!" equ " " set "line=!line:~1!"
    if defined line if "!line:~-1!" equ " " set "line=!line:~0,-1!"
    
    :: Extracting bytes downloaded and uploaded
    ::FOR /F "tokens=2,3 delims= " %%A IN ("%line%") DO (
    FOR /F "tokens=3,4 delims= " %%A IN ("%line%") DO (
      set dbytes=%%~A
      set ubytes=%%~B
    )
    
    :: Midnight epoch
    for /F "usebackq tokens=1,2 delims==" %%i in (`wmic os get LocalDateTime /VALUE 2^>NUL`) do if '.%%i.'=='.LocalDateTime.' set ldt=%%j
    set time=%ldt:~8,2%:%ldt:~10,2%:%ldt:~12,2%
    FOR /F "tokens=* delims=0" %%A IN ("%ldt:~8,2%") DO SET /A hs=%%A+0
    FOR /F "tokens=* delims=0" %%A IN ("%ldt:~10,2%") DO SET /A min=%%A+0
    FOR /F "tokens=* delims=0" %%A IN ("%ldt:~12,2%") DO SET /A sec=%%A+0
    set /a epoch=%hs%*3600+%min%*60+%sec%
    
    :: Calc initial transfer
    if not defined LOOPCOMPLETE (
        echo %time%%TAB%%dbytes%%TAB%%ubytes%%TAB%0.00 KB/s%TAB%0.00 KB/s
        goto :skip
    )
    :: Read .CSV file last line values
    for /f %%i in ('find /v /c "" ^< bwlog.csv') do set /a lines=%%i
    set /a lastLine=%lines% - 1
    SET count=1
    FOR /F "tokens=* USEBACKQ" %%F IN (`more /e +%lastLine% bwlog.csv`) DO (
      SET string!count!=%%F
      SET /a count=!count!+1
    )
    FOR /F "tokens=1,2,3 delims=," %%A IN ("%string1%") DO (
      set lasttime=%%~A
      set lastdown=%%~B
      set lastup=%%~C
    )
    if %epoch% == %lasttime% (  
        goto :skip
    )
    
    :: 2,147,483,647 is the maximum value of a integer you can use, so only keep  9 characters
    set /a lastup=%lastup: =%
    set /a ddif=%dbytes:~-9% - %lastdown:~-9%
    set /a udif=%ubytes:~-9% - %lastup:~-9%
    
    :: Calc bandwidth
    set /a dspeed=(ddif)/(epoch-lasttime)/10
    set ddec=%dspeed:~-2%
    set /a dspeed=(ddif)/(epoch-lasttime)/1000
    set /a uspeed=(udif)/(epoch-lasttime)/10
    set udec=%uspeed:~-2%
    set /a uspeed=(udif)/(epoch-lasttime)/1000
    echo %time%%TAB%%dbytes%%TAB%%ubytes%%TAB%%dspeed%.%ddec% KB/s%TAB%%uspeed%.%udec% KB/s
    
    :skip
    
    :: Append the .CSV file 
    echo %epoch%,%dbytes%,%ubytes% >> "bwlog.csv"
    
    :: Do every 10 seconds
    set LOOPCOMPLETE=1
    timeout /t 10 /nobreak >nul
    goto :looptask
    
    ENDLOCAL
    

    Keep in touch if you need a fix.


    Previous solution using a batch file, with some limitations:

    I wanted to give you an easier solution, then I used my previous answer to code a fresh windows batch script that iterates every 10 seconds. It monitors download and upload bandwidth/speed in console and logs ammount of bytes transferred in a .csv file.

    @ECHO off
    SETLOCAL ENABLEDELAYEDEXPANSION
    
    set TAB=    
    echo Timestamp%TAB%Down bytes%TAB%Up bytes%TAB%Down speed%TAB%Up speed
    
    :: Store console command result
    :looptask
    SET count=1
    FOR /F "tokens=* USEBACKQ" %%F IN (`netstat -e`) DO (
      SET string!count!=%%F
      SET /a count=!count!+1
    )
    :: Bytes transfered line is string3
    
    :: Get rid of the whitespaces 
    :loopreplace
    if defined string3 (
      set "new=!string3:  = !"
      if "!new!" neq "!string3!" (
        set "string3=!new!"
        goto :loopreplace
      )
    )
    if defined string3 if "!string3:~0,1!" equ " " set "string3=!string3:~1!"
    if defined string3 if "!string3:~-1!" equ " " set "string3=!string3:~0,-1!"
    
    :: Extracting bytes downloaded and uploaded
    set line=%string3:~6%
    FOR /F "tokens=1,2 delims= " %%A IN ("%line%") DO (
      set dbytes=%%~A
      set ubytes=%%~B
    )
    
    :: Midnight epoch
    for /F "usebackq tokens=1,2 delims==" %%i in (`wmic os get LocalDateTime /VALUE 2^>NUL`) do if '.%%i.'=='.LocalDateTime.' set ldt=%%j
    set time=%ldt:~8,2%:%ldt:~10,2%:%ldt:~12,2%
    FOR /F "tokens=* delims=0" %%A IN ("%ldt:~8,2%") DO SET /A hs=%%A+0
    FOR /F "tokens=* delims=0" %%A IN ("%ldt:~10,2%") DO SET /A min=%%A+0
    FOR /F "tokens=* delims=0" %%A IN ("%ldt:~12,2%") DO SET /A sec=%%A+0
    set /a epoch=%hs%*3600+%min%*60+%sec%
    
    :: Calc speeds
    if not defined LOOPCOMPLETE (
        echo %time%%TAB%%dbytes%%TAB%%ubytes%%TAB%0.00 KB/s%TAB%0.00 KB/s
        goto :skip
    )
    :: Read .CSV file last line values
    for /f %%i in ('find /v /c "" ^< bwlog.csv') do set /a lines=%%i
    set /a lastLine=%lines% - 1
    SET count=1
    FOR /F "tokens=* USEBACKQ" %%F IN (`more /e +%lastLine% bwlog.csv`) DO (
      SET string!count!=%%F
      SET /a count=!count!+1
    )
    FOR /F "tokens=1,2,3 delims=," %%A IN ("%string1%") DO (
      set lasttime=%%~A
      set lastdown=%%~B
      set lastup=%%~C
    )
    if %epoch% == %lasttime% (  
        goto :skip
    )
    set /a dspeed=(dbytes-lastdown)/(epoch-lasttime)/10
    set ddec=%dspeed:~-2%
    set /a dspeed=(dbytes-lastdown)/(epoch-lasttime)/1000
    set /a uspeed=(ubytes-lastup)/(epoch-lasttime)/10
    set udec=%dspeed:~-2%
    set /a uspeed=(ubytes-lastup)/(epoch-lasttime)/1000
    echo %time%%TAB%%dbytes%%TAB%%ubytes%%TAB%%dspeed%.%ddec% KB/s%TAB%%uspeed%.%udec% KB/s
    :skip
    
    :: Append the .CSV file 
    echo %epoch%,%dbytes%,%ubytes% >> "bwlog.csv"
    
    :: Do every 10 seconds
    set LOOPCOMPLETE=1
    timeout /t 10 /nobreak >nul
    goto :looptask
    
    ENDLOCAL
    

    PS: Windows limitations are the counter resets every 4GBytes transferred and at midnight.


    Old solution using task scheduller and XAMPP:

    I had to monitor and log the amount of data downloaded as your case, and found it faster to run a script with the Windows task scheduller than looking for a free software that dump the usual graphics info into a file. Perhaps my homemade script works for you.

    I started a local Apache/PHP server using XAMPP for Windows and run this script from command line. For example:

    "C:\xampp\php\php.exe -f C:\xampp\htdocs\bwlog.php"
    

    The bwlog.php script uses @phep answer suggested windows command netstat -e. You can create the script file with the notepad, and the code is:

    <?php
    //Task to schedule "C:\xampp\php\php.exe -f C:\xampp\htdocs\bwlog.php"
    //Store console command result
    $netstat=shell_exec("netstat -e");
    //Start of the bytes transfered line
    $line=substr($netstat,strpos($netstat,"Bytes"));    
    //End of the line
    $line=substr($line,0,strpos($line,"\n"));   
    //Get rid of the whitespaces 
    $bytes=preg_replace('/\s+/', ' ',$line);    
    //Extracting only bytes downloaded
    $bytes=substr($bytes,$start=strpos($bytes,' ')+1,strrpos($bytes,' ')-$start);
    //Append the .CSV file  
    file_put_contents('C:\xampp\htdocs\bwlog.csv',PHP_EOL.time().', '.$bytes,FILE_APPEND);
    ?>
    

    Then I processed the the .csv in a spreadsheet software to calc the download speed (bandwidth) using the difference between 2 bytes values over the difference between the 2 matching time values (bytes/seconds).

    Feel free to ask a fix to log the uploaded bytes. Wish it be useful.

    0 讨论(0)
  • 2021-02-20 14:51

    typeperf in Windows should work to get the data.

    typeperf "\Network Interface(*)\....
    typeperf -q "Network Interface" will list all the object
    \Network Interface(*)\Bytes Total/sec
    \Network Interface(*)\Packets/sec
    \Network Interface(*)\Packets Received/sec
    \Network Interface(*)\Packets Sent/sec
    \Network Interface(*)\Current Bandwidth
    \Network Interface(*)\Bytes Received/sec
    \Network Interface(*)\Packets Received Unicast/sec
    \Network Interface(*)\Packets Received Non-Unicast/sec
    \Network Interface(*)\Packets Received Discarded
    \Network Interface(*)\Packets Received Errors
    \Network Interface(*)\Packets Received Unknown
    \Network Interface(*)\Bytes Sent/sec
    \Network Interface(*)\Packets Sent Unicast/sec
    \Network Interface(*)\Packets Sent Non-Unicast/sec
    \Network Interface(*)\Packets Outbound Discarded
    \Network Interface(*)\Packets Outbound Errors
    \Network Interface(*)\Output Queue Length
    \Network Interface(*)\Offloaded Connections
    
    0 讨论(0)
  • 2021-02-20 14:53

    You can use tshark with -z <statistics> argument. Just search Wireshark. It is open source and multiplatform.

    0 讨论(0)
提交回复
热议问题