Reply OT (not perl is mentioned)

I'm not sure if this is a XY Problem, but if you want to capture the traffic on remote host from windows, I would install plink + pageant from putty page and tshark from wireshark home

I would setup my environment so plink can ssh to host without password, with pki infraestructure (see pageant doc) (but you can use the the insecure -pw plink option) (thought I would try to use sudo and not root direct access)

Then add to %PATH% env var paths to tshark.exe and to plink.exe, and you could execute, to save 3 seconds of remote network traffic:

plink root@host tcpdump -i any -s0 -w - not port 22 | tshark -i - -w r
+emote-traffic-captured.dump -a duration:3
[download]

Regards,