Having a Tech out tomorrow, any logs I should keep?

Wireshark will be lost on the technician. Try Pingplotter to trace where the packet loss has been happening. If it's not happening on hop 1 or 2, there is nothing a technician will be able to fix. Also, run the test on ethernet as wifi can have all kinds of problem. Last, look at the signal levels from 192.168.0.1 > user;admin password;password > Connection > Cox Network. If your signal levels are bad, how does the coax get from the street to the room the modem is in? Try bypassing any splitters/filters/amp.

Yes, Wireshark can be used to determine packet loss by analyzing captured network traffic. It helps by identifying patterns like missing sequence numbers, retransmissions, or timeouts that indicate packet loss. Here's how to use Wireshark for this purpose and where to find logs related to packet loss on a Windows computer:

Using Wireshark to Detect Packet Loss

1. Capture Traffic:
   • Open Wireshark and start capturing traffic on the desired network interface.
   • Filter traffic for specific protocols (e.g., TCP) or IP addresses if necessary.
2. Analyze Packet Loss Indicators:
   • Sequence Number Gaps: For TCP traffic, sequence numbers in packets should increment without gaps. Gaps may indicate packet loss.
   • Retransmissions: Look for retransmitted packets, often labeled as "TCP Retransmission" in Wireshark.
   • Duplicate ACKs: TCP duplicate ACK packets are sent by a receiver when it notices a gap in sequence numbers.
   • High Latency: Prolonged response times or timeouts can indicate packet loss.
3. Use Statistics and Tools:
   • Go to Statistics > TCP Stream Graphs > Time-Sequence Graph (Stevens) to visualize sequence numbers and detect anomalies.
   • Use Statistics > Summary to get an overview of dropped packets.

Windows Logs for Packet Loss

While Wireshark provides packet-level analysis, Windows also maintains logs that can indicate packet loss or network issues:

1. Event Viewer Logs:
   • Open Event Viewer:
     • Press Win + R, type eventvwr, and press Enter.
   • Navigate to Applications and Services Logs > Microsoft > Windows > Network Troubleshooter to find network-related events.
   • Look for warnings or errors about connectivity issues or failed packet delivery.
2. Network Diagnostics Report:
   • Run a network diagnostic:
     • Right-click the network icon in the taskbar > Troubleshoot problems.
   • The results may include packet loss details, stored temporarily in diagnostic logs.
3. Performance Monitor:
   • Press Win + R, type perfmon, and press Enter.
   • Add counters for network interfaces:
     • Network Interface > Packets Outbound Errors and Packets Received Discarded.
   • Use this data to infer packet loss.
4. PowerShell Logs:
   • Use PowerShell to log and diagnose packet loss:
     • Run Test-Connection -Count 100 <IP> to simulate pinging and detect packet loss.

Key Differences: Wireshark vs. Windows Logs

• Wireshark: Best for granular, packet-level analysis and diagnosing the root cause of packet loss.
• Windows Logs: Useful for system-level troubleshooting, detecting patterns over time, and correlating with other system events.

Let me know if you'd like guidance on using Wireshark or exploring specific Windows tools!