Message Analyzer Protocol Parsers

by Ning Kuang and Cheng Chang As the successor to Network Monitor, Microsoft Message Analyzer (MMA) provides new parsing capabilities with superior enhancements. With the use of the new Open Protocol Notation (OPN) language upon which the parsers are built, Message Analyzer dramatically extends protocol modeling capabilities, network traffic diagnostics, and the analysis features of…

3

Anatomy of Message Analyzer Analysis

When learning a new program, it’s often helpful to have a high level view of the various pieces and parts. With Message Analyzer, if you know the names of its parts and pieces and how they work together, you can get a feeling of mastery. In the sections that follow, we will attempt to dissect…

2

Using PowerShell to Automate Tracing

While tracing with a UI is simple, it has limitations today. When it comes to tracing a sticky problem, you need extensibility and flexibility in order to instrument when to start and stop a trace. We facilitate this in Message Analyzer by leveraging PowerShell and a new set of Cmdlets which ship with Message Analyzer…

5

Support for Microsoft Open Specifications Documentation

One of the focuses of Message Analyzer is to support protocol interoperability and our Microsoft Open Specifications Documentation. And in fact we have a group at Microsoft who supports these efforts. A great resource in this respect is the Microsoft Open Specifications Support Team Blog, where they post a lot of great articles about protocols…

0

Remote Capture with Message Analyzer and Windows 8.1

With the introduction of Windows 8.1, we have an amazing new feature which lets Message Analyzer capture messages remotely. This feature was introduced with Windows 8.1 and Server 2012 R2. From any client, down to Windows 7 (which requires a few components to be installed), you can attach to a remote target, configure how you…

3

Customizing Message Analyzer Column Layouts

by Mai-Ing Cheng This exciting feature allows you to choose the data columns that you want to display in the Analysis Grid viewer; a feature that was not available in Netmon. You can greatly enhance your data analysis perspectives by having access to a greater superset of data that is now available to you. The…

2

Dealing with Too Much Data

Networks are fast. Way fast! Sniffing for just a few seconds can generate a lot of data. And it’s not trending down at all. While we will continue to optimize things and make Message Analyzer work with larger data sets more effectively, the truth is that we can’t keep up with the pace. There needs…

5

Message Analyzer: Why so different from Network Monitor?

Message Analyzer is different, yes. When we set out on this adventure, we weren’t trying to make a new Network Monitor 4. It’s not that you can’t get a Network Monitor type of perspective, but we are trying to expose some new ideas to make the information that is already there pop out at you…

8

Message Analyzer has Released – A New Beginning

We are excited to announce the official release of Message Analyzer to the Microsoft Download Center. Sci-Fi movie references aside, this really is a new beginning for troubleshooting and analysis. Message Analyzer brings a set of new ideas, new techniques, and new paradigms in order to make analysis of protocols, log files, and system events…

21

Sequence Match View: Identifying Interesting Network Patterns

by Serge Mera Filtering is one of the most popular techniques for narrowing down data and understanding what’s going wrong with your traffic. It is very useful for multiple troubleshooting scenarios, however, filtering criteria is restricted in its application to the boundaries of a message. Filtering cannot capture the context where a particular event occurs,…

6