We've had to do this in the past as well. Like 4 or 5 people already said. The "best" way would be a sniffer. Any sniffer will do, just write the output to a file then go back and look at all the traffic. This is good way to prove you ran certian tests, and did not run others (Some clients don't want you running certian tests).