I like Wireshark. But I don’t like to install software on a server for troubleshooting purposes, especially when you need software like PCAP to sniff some network data.
But what you can do is capture the data with netsh, copy it to your workstation, convert it so you can read it with Wireshark, and do your thing.
Capture the data
Run this command to capture the data (elevated command prompt):
netsh trace start capture=yes IPv4.Address=x.x.x.x
And stop the capture when you are done:
netsh trace stop
Copy the files to your computer.
Convert the capture
Download the etl2pcapng converter from the MS Github repo: https://github.com/microsoft/etl2pcapng
Convert the data:
etl2pcapng.exe NetTrace.etl out.pcapng
You can open the out.pcapng file in Wireshark and do your thing.
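The capture steps above as one bounded, repeatable run on the server (an added example, not part of the original post). The working folder, the 60-second duration and the 256 MB size cap are assumptions, and x.x.x.x is the same placeholder as above.

```powershell
#Requires -RunAsAdministrator
# Added example: time-boxed netsh capture with an explicit, size-limited trace file.
# Assumed values (not from the post): $TraceDir, $Seconds, the maxsize of 256 MB.

$TargetIp = 'x.x.x.x'                      # placeholder: address to filter on
$TraceDir = 'C:\Temp\NetTrace'             # hypothetical working folder
$EtlFile  = Join-Path $TraceDir 'NetTrace.etl'
$Seconds  = 60                             # how long to capture

New-Item -ItemType Directory -Path $TraceDir -Force | Out-Null

# Write to a known path and cap the file size so a forgotten trace
# cannot fill the server's disk (circular mode overwrites the oldest data).
netsh trace start capture=yes "IPv4.Address=$TargetIp" "tracefile=$EtlFile" `
    maxsize=256 filemode=circular overwrite=yes
if ($LASTEXITCODE -ne 0) {
    throw "netsh trace start failed with exit code $LASTEXITCODE"
}

try {
    # Reproduce the problem while the trace is running.
    Start-Sleep -Seconds $Seconds
}
finally {
    # Always stop the trace, even if the script is interrupted.
    netsh trace stop
}

# Record a hash on the server so the copy on the workstation can be
# verified before it is converted and analysed.
Get-FileHash -Algorithm SHA256 -Path $EtlFile | Format-List Path, Hash

# On the workstation, after copying NetTrace.etl and checking the hash:
#   .\etl2pcapng.exe NetTrace.etl out.pcapng
```

The capture holds full packet contents for the filtered address, so delete the .etl file from the server once it has been copied and verified.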
Happy Troubleshooting!