Tip of the Day: More Message Analyzer 1.1: Sifting through data with the 'Find' feature
Today’s (Networking) Tip…
Most are familiar with filtering, which allows the narrowing of focus by eliminating superfluous data. From the display
The Find feature on the other hand gives us another approach to searching through a capture. With the Find feature we can specify and then systematically step through the displayed to each instance of the given criteria.
Where to Find 'Find'
Make sure the Home ribbon is selected. Then look for the Find binocular icon the View Options section.
Find Using a Filter Expression
You can use the find feature with the same filter expressions you might use when constructing a display filter, or a color rule. The following illustration provides a simple example of searching for an IPv4 address.
Enter the expression (or load it from the Filter Library and click Find. Click Find again to move to each subsequent matching instance.
IMPORTANT The find function will only highlight a match for a top-level message. It will only stop on a matching sub-layer if the message is expanded to a point where the node is exposed.
Find Using Text
In addition to regular filter expressions, employing the 'contains' keyword allows you to search using a variety of string options. The following example demonstrates a simple search of the summary information for the string 'bing'.
Final Thoughts
Remember. The examples given are just for very basic demonstration purposes. Think of the specific troubleshoot tasks you perform regularly and experiment building appropriate search criteria.
Keep in mind that you can customize filter expressions to suit your needs and that when using the contains keyword you have options beyond a simple string search of the Summary column.
Check the Message Analyzer Operator Guide for more detailed information. You can also load filter examples, including examples of additional Contain Filters options from Message Analyzers built-in filter library.
