MessageAnalyzer

All things about Message Analyzer and related diagnosis for Networks, Log files, and Windows Components

Meet the successor to Microsoft Network Monitor!

Meet the successor to Microsoft Network Monitor!

  • Comments 40
  • Likes

It’s a very exciting week for me and my team!  This week I’m attending the SNIA SDC 2012 conference in Santa Clara, CA and this is where we will announce Message Analyzer.  There are so many new features and aspects to discuss, but for now I’ll leave you with the official announcement:

Microsoft Message Analyzer has been released to the public, available here:

https://connect.microsoft.com/site216 (you’ll have to join the Message Analyzer and Network Monitor program to see the downloads and access other parts of or our site.)

As you might guess from the name, Message Analyzer is much more than a network sniffer or packet tracing tool. Key capabilities include:

  • Integrated "live" event and message capture at various system levels and endpoints
  • Parsing and validation of protocol messages and sequences
  • Automatic parsing of event messages described by ETW manifests
  • Summarized grid display – top level is “operations”, (requests matched with responses)
  • User controlled "on the fly" grouping by message attributes
  • Ability to browse for logs of different types (.cap, .etl, .txt) and import them together
  • Automatic re-assembly and ability to render payloads
  • Ability to import text logs, parsing them into key element/value pairs
  • Support for “Trace Scenarios” (one or more message providers, filters, and views)

We are providing this beta release to give you an opportunity to let us know what you like and don’t like and where we need to focus our energy as we drive towards a mid-2013 RTM date.

Please install, take it for a spin, and send us your thoughts! There are “Report Issue” and “Community” buttons built into the ribbon, and we have a new blog here: http://blogs.technet.com/messageanalyzer.

(To capture at the NDIS and Firewall layers without running as admin, you must log off and back on after installation to pick up the necessary credentials. Please do this!)

Have a ball!

[update: adding a picture]

image 

Comments
  • Thanks for the heads up.

  • Maybe I'm not seeing it... but I don't seem to have access to download the Message Analyzer beta. I only see 3.4 parsers and the test suites...

  • You need to make sure you are part of the Message Analyzer and Network Monitor program.  Go to the Directory link at the top and look for that program and select Join.

  • I noticed in the screenshot it is called "message analyzer".  Will network monitor be in the final name of the tool.  I wonder if people will think message analyzer is an exchange tool.

    Looking forward to taking it for a text run.

  • I meant test* run :)

  • Message Analyzer is the final name.  The tool is no longer focused only on network traffic.  We can read messages of many types, including ETW and text logs.  So we chose the name because it more broadly covers the type of analysis we can did.  Granted, messages might be confused with Exchange, but I suppose we might be able to load those at some point too :)

    Thanks,

    Paul

  • Example:

    connect.microsoft.com/.../explorer-should-expand-folder-tree-the-windows-xp-way

    An attempt to summarize all other features broken by winnt6 is listed here: xpwasmyidea.blogspot.com/.../pending-fixes-for-windows-8.html

  • "We are providing this beta release to give you an opportunity to let us know what you like and don’t like and where we need to focus our energy as we drive towards a mid-2013 RTM date.

    Please install, take it for a spin, and send us your thoughts! There are “Report Issue” and “Community” buttons built into the ribbon"

    Wonderful.

    I wish Microsoft cared about what *I* do and don't like about their file and shell manager as much as they do with message analyzer.

  • Is anyone else getting 'too many redirects' errors after clicking to join the program on the connect page?

  • don't work with VISTA at all!  by design!

    can I please have a user file for OUI identites(hardware modem defintions), and a user map for KNOWN NEIGHBOURS, IP to Network-names...

    for example 192.168.2.14  to JOHN COMPUTER , or  123.123.2.4 to LIGHTBULB (connect -name) SSID in our language.  making it more vernacular makes it less geeky!

    I also assume that PASSWORDS are "not-shown" in any form at all.

  • Will NetMon 3.x parsers be compatible with MessageAnalyzer?

  • So Microsoft is including Wireshark in its distro now? http://www.wireshark.org/

  • Thanks, Paul!

    Is this going to be chargeable when it gets out of Beta?

  • I'll answer a couple of questions:

    * Parsers aren't compatible. But, we have a number of ways to bootstrap from various artifacts such as IDL and Microsoft Technical Document sources, and extensible input model. OPN is much more descriptive or higher "fidelity" than NPL. We are looking at a basic NPL bootstrapper but haven't made a determination on the value prop for that.

    * We don't currently plan to charge for Message Analyzer, but components of it could certainly make their way into other things. Our mission is to improve the interoperability and diagnostic experience of our customers and partners.

    - Dave

  • any chance there is a view of  SAN iscsi messages like from 'bustrace' ... I see SMB which is great ....

    Also is their the other have of NAS - NFS ?

    I know things are changing towards NAS(File) .... but exchange, sqlserver and other rely heavily on ISCSI ..which piggy packs on TCP/IP .... which has been the suite spot for network monitoring tool....

    Also any thoughts or insights into intergrating views Application Centric views and then deep dive via  Xperf in order to not only improve performance and or scalability via bottleneck identification then bottleneck optimization and validation across tiers (or vms) ....

    You guys have done an outstanding job !!!!    If you could provide a example ..maybe using nttccp or something even simpler .... would go along way for us trying to prove that windows observability tools meet the enterprisabilities of those os that ends with X.

Your comment has been posted.   Close
Thank you, your comment requires moderation so it may take a while to appear.   Close
Leave a Comment