EventCap Revisited Using NMAPI

You may remember a blog where we talked about automating a capture so that it stops when a particular event shows up in the Windows Event Log. (http://blogs.technet.com/netmon/archive/2007/02/22/eventmon-stopping-a-capture-based-on-an-eventlog-event.aspx). Now that we have the API for NM3.2, we are going to revisit this tool and rewrite it as an expert. Furthermore, the code for the tool…


Customizing the User Interface

Perhaps it’s already known, but I’m going to let the cat out of the bag. You can move your windows around and re-dock them in different places within the capture tab window. Our UI developer may flip out because he’s told me before this isn’t supported. He tells me there is a chance your layout…


Open Source Parsers for Network Monitor 3.2

With the release of NM3.2, we revamped the parser management so that we can support parser upgrades. So I’m pleased to announce that we just released a new version of the parsers on http://www.codeplex.com/nmparsers. As new parsers become available or the current parsers become extended or improved, you’ll be able to get the latest version….


Intro to the Network Monitor API

I’ve recently played with a new tool here at MS, which analyzes HTTP traffic and provides performance information so that you can better tune your web servers and applications. I also have seen an internal SMB expert that summarizes SMB traffic, for instance open files and connects. These types of experts provide a protocol specific…


Network Monitor 3.2 has arrived!

I’m so excited about this release I had to commandeer Paul’s blog for the day and write about it. My name is Tawanda Sibanda and I am the lead program manager for Network Monitor. The team put a lot of effort into this version, adding many of the requests we heard from our customers, while…


Open Source Network Monitor Parsers

With the release of Network Monitor 3.2 we plan to do all of our parser development as an open source project on http://www.codeplex.com/NMParsers. We will be releasing parser packages for Microsoft Protocols on a regular schedule. All parser issues will be tracked, assigned, and fixed on CodePlex first. Then on a regular schedule, we will…



We can categorize traffic into two general types; directed and broadcast traffic. In the most general sense, a broadcast is sent to anybody that wants to listen. What I’d like to talk about is how broadcasts work and what they are used for. How broadcasts work In general a broadcast is a special address. Different…


Map Of Visitors

Report Web Site  


NM3 TV – Video Help for using NM3

If a picture is worth a thousand words, than a video must be worth, …30fps * 1000 * …uh…ok…, like a whole lot. So this blog is going to be devoted to providing short help videos to help understand how to use the features of NM3. My original intention was to provide a cool Silverlight…