Microsoft Message Analyzer
Meet the successor to Microsoft Network Monitor!
Microsoft Message Analyzer has been released to the public.
As you might guess from the name, Message Analyzer is much more than a network sniffer or packet tracing tool. Key capabilities include:
• Integrated "live" event and message capture at various system levels and endpoints
• Parsing and validation of protocol messages and sequences
• Automatic parsing of event messages described by ETW manifests
• Summarized grid display – top level is “operations”, (requests matched with responses)
• User controlled "on the fly" grouping by message attributes
• Ability to browse for logs of different types (.cap, .etl, .txt) and import them together
• Automatic re-assembly and ability to render payloads
• Ability to import text logs, parsing them into key element/value pairs
• Support for “Trace Scenarios” (one or more message providers, filters, and views)
(To capture at the NDIS and Firewall layers without running as admin, you must log off and back on after installation to pick up the necessary credentials. Please do this!)
Powerful, extensible viewing and analysis
•Browse, Select, View
•Browse for messages from various sources (live, or stored)
•Select a set of messages from those sources by characteristic(s)
•View messages in a provided viewer, configure or build your own
•A new high-level grid view
•High level “Operations” view with automatic re-assembly
•“Bubbling up” of errors in the stack to the top level
•Ability to drill down the stack to underlying messages and/or packets
•On the fly grouping, filtering, finding, or sorting by any message property
•Payload rendering
•Validation of message structures, behavior, and architecture
•Does the protocol comply with the specifications?
Like this:
Like Loading...
Author: Robert Smit [MVP]
Robert Smit is Senior Technical Evangelist and is a current Microsoft MVP in Clustering as of 2009.
Robert has over 20 years experience in IT with experience in the educational, health-care and finance industries.
Robert’s past IT experience in the trenches of IT gives him the knowledge and insight that allows him to communicate effectively with IT professionals
who are trying to address real concerns around business continuity, disaster recovery and regulatory compliance issues. Robert holds the following certifications:
MCT - Microsoft Certified Trainer, MCTS - Windows Server Virtualization, MCSE, MCSA and MCPS. He is an active participant in the Microsoft newsgroup community and is currently focused on Hyper-V, Failover Clustering, SQL Server, Azure and all things related to Cloud Computing and Infrastructure Optimalization.
Follow Robert on Twitter @ClusterMVP
Or follow his blog https://robertsmit.wordpress.com
Linkedin Profile Http://nl.linkedin.com/in/robertsmit
Robert is also capable of transferring his knowledge to others which is a rare feature in the field of IT. He makes a point of not only solving issues but also of giving on the job training of his colleagues.
A customer says " Robert has been a big influence on our technical staff and I have to come to know him as a brilliant specialist concerning Microsoft Products. He was Capable with his in-depth knowledge of Microsoft products to troubleshoot problems and develop our infrastructure to a higher level. I would certainly hire him again in the future. "
Details of the Recommendation: "I have been coordinating with Robert implementing a very complex system. Although he was primarily a Microsoft infrastructure specialist; he was able to understand and debug .Net based complext Windows applications and websites. His input to improve performance of applications proved very helpful for the success of our project
View all posts by Robert Smit [MVP]
Robert Smit MVP Blog 
What does “payload rendering” refer to? I’m not seeing that in the product, so I assume I’m missing something obvious