In the MEA GBS Team, Murat Kayacan has the nickname “Commander”. His passion for technology and his never-ending patience when teaching engineers and helping customers all around the world are exceptional. With this blog post, Murat will start sharing a series of posts about the Microsoft Message Analyzer. Commander, the bridge is yours!


As part of my daily interaction with customers, I have to deal with network traces very often, and I use our own Microsoft Network Monitor. This tool has been serving us for many years, but it's time to move on and find new and better ways to analyze network traces. Please join me in this series to take a deeper look into our new network traffic analysis tool, “Microsoft Message Analyzer”.


Message Analyzer is the next version of Network Monitor, and its capabilities exceed its predecessor's in many aspects. It provides features and capabilities that were simply not possible before, and it makes our life much easier. The most important features that differentiate Message Analyzer from Netmon are:

  • Analyzing HTTPS (SSL/TLS) traffic in an unencrypted fashion
  • Analyzing IPsec traffic in an unencrypted fashion
  • Analyzing traffic between two local processes running on the same box
  • Starting ETW capturing from any providers installed on the host and analyzing the collected ETW traces
  • Generating protocol activity graphs
  • Providing PowerShell cmdlets for automation (for example, starting and ending a network trace based on an event log)
  • Capturing network traffic from remote hosts (even from VMs running on Hyper-V hosts)
  • Parsing and validating protocol messages and sequences
  • Abstracting protocol activity when needed

In the coming blog posts, we’ll walk through some of the cool features above with real examples. After that, you will be able to utilize similar techniques when troubleshooting problems in your own environments.

If you already want to get started, please download and install Message Analyzer here.

 

Till next time, Commander is off the bridge…


Original content from Murat Kayacan. Posted by MEAGBS editor Aydin Aslaner.