Export (0) Print
Expand All

Release Features Summary

The official release of Microsoft Message Analyzer contains a broad range of features that build upon and exceed those of its predecessor, Microsoft Network Monitor. These features are designed to improve your usability experiences and to expand your capabilities set when loading, capturing, analyzing, and troubleshooting message data with Message Analyzer. The following is a summary of these features:

  • General Capabilities — includes features for getting started quickly:

    • Start Page — review news items and navigate through Message Analyzer guidance from the News and Guidance tabs, respectively. Also, access the Sharing Infrastructure from the Downloads and Settings tabs to download user Library item collections and OPN parser packages, or to set these collections and packages to automatically synchronize to updates that are periodically pushed out by a Microsoft web service.

    • Quick Trace — use this Start Page feature to quickly start a Trace Session with a single click on a predefined Trace Scenario, such as the Firewall, Web Proxy, or Local Link Layer scenario.

    • Browse — click this link in the Backstage (File tab) to open the configuration interface for a Browse Session, where you can target a single source or multiple data sources for a data import operation, and select specific data to import from such sources using filters, for example, a Time Filter and/or Selection Filter.

    • Capture/Trace — click this link in the Backstage to open the configuration interface for a Trace Session, where you can select a predefined Trace Scenario from a scenario Library and configure various provider settings and filters to customize your trace configuration before starting a live trace.

    • Save As — click this link in the Backstage to display the Save/Export Session dialog to specify a save configuration for imported or trace data that you have manipulated and analyzed.

  • Home tab — the primary analysis surface for Message Analyzer includes a Ribbon that contains the following features:

    • Time Shifts — specify time shifts that enable you to adjust the timestamps in a message set, for example to compensate for machine skew or time-zone changes across traces.

    • View Filters — select or create filters that apply specified filtering criteria to trace results to narrow the focus to messages with specific properties or values. Also, quickly create a View Filter by selecting an Analysis Grid context menu item.

    • Quick Filters — configure a window of time in which to view and assess trace results and remove the filter to restore your original data as required.

    • Viewpoints — specify preset viewpoints so you can view data from the perspective of a protocol, in addition to hiding operations in the current view and resetting the default viewpoint.

    • Tool Windows — utilize interactive tool windows that respond to message selection or session selection to provide additional message details. The tool windows that are available consist of the following:

      • Session Explorer — monitor operational status and session statistics, and observe real-time progress indicators when loading, capturing, filtering, sorting, finding, grouping data, and applying sequence matching; navigate among different data viewers in various sessions; and select new data viewers from a context menu.

      • Message Details — view field names and values for any message that you select in the Analysis Grid.

      • Message Data — highlight hexadecimal values for any field that you select in the Details tool window or Analysis Grid, including payloads.

      • Field Data — display the value of any field that you select in the Details tool window.

      • Bookmarks — mark one or more messages of interest, which includes adding links, attachments, and different colored flags.

      • Comments — quickly add basic comments to one or more messages.

      • Diagnostics — summarizes diagnosis errors and enables you to easily jump to a corresponding diagnosis message in the Analysis Grid viewer. You can also filter Diagnostics tool window columns to isolate specific column data.

      • Call Stack — display the message stack for any selected message row in the Analysis Grid viewer.

      • Column Chooser — add selected columns to the default Analysis Grid column configuration to expand the scope of data presentation and further enhance data examination and troubleshooting.

    • Color Rules — apply (or configure) Color Rules that serve as alerts, warnings, or troubleshooting cues for a set of trace results.

    • Sequence Expressions — apply predefined Sequence Expressions to discover pattern matches in TCP messages within a set of trace results, or develop and save your own Sequence Expressions based on traffic you have captured.

    • View Layouts — apply View Layouts to configure the Analysis Grid with data-column configurations that serve as troubleshooting templates in user-defined or predefined areas such as TCP and HTTP diagnosis.

    • Data Viewers — display data viewers such as the Protocol Dashboard and SMB Reads and Writes from the New Viewer drop-down, or from the Session Explorer context menu.

    • Session Reconfiguration — return to Browse Session or Trace Session configuration to recast your data import or live trace configuration.

    • Find — use the Find feature to locate individual messages that meet the criteria of a predefined or user-developed View Filter.

  • Charts tab — create, edit, save, and share Chart viewers that can contain custom-configured pie, bar, timeline, and grid chart components, similar to the built-in Protocol Dashboard viewer. Use the centralized Field Chooser to specify message fields for your Chart; and create data manipulation formulas for diverse data display configurations that will empower visual analysis capabilities.

  • Sharing Infrastructure — utilize the Message Analyzer Sharing Infrastructure to download default user Library collection items for manipulating and viewing data; and download OPN packages for parsing retrieved messages. Configure synchronization for automatic updates to these collections and packages that are periodically pushed out by a Microsoft web service to the default Message Analyzer subscriber feed on the Start Page. Because user Libraries are integrated with the Sharing Infrastructure, you can import, export, and share these items with others, including any that you create or modify. Library item types include Trace Scenarios, Filters, Viewpoints, Color Rules, View Layouts, Charts, and Sequence Expressions. To enable sharing these Library items, you can configure your own user feeds or post items to a user file share. You can also manage all user Library types with the common and centralized management dialog.

  • Other Capabilities — other prominent capabilities include the following:

    • Capture Remote Hyper-V-Switch Traffic — capture traffic from one or more virtual machines (VMs) that are serviced by a Hyper-V Switch on a remote Windows 8.1 or Windows Server 2012 R2 host, or on the local computer. Includes specifying packet traversal paths on the switch extension layers and on the NDIS driver filter stack, along with other special filters such as packet Truncation, EtherType, and IP Protocol Number filters, by using the Microsoft-Windows-NDIS PacketCapture Advanced Settings dialog.

    • PEF-WFP Fast Filters — specify Fast Filters for the PEF WFP message provider in a Firewall trace.

    • PEF-NDIS Fast Filters — configure logically chained Fast Filter groups that you assign to host adapters by using the Microsoft-PEF-NDIS PacketCapture Advanced Settings dialog in a Local Link Layer trace on Windows 8 and earlier hosts.

    • Filtering Language — discover how to write your own Filter Expressions for use with Message Analyzer data imports, live traces, and results analysis.

    • ResponseTime — add this Global Annotation entity from the Column Chooser as a data column in the Analysis Grid viewer. Enables you to measure the time interval between a request operation to a server and the first server response, to provide a context for assessing server performance.

    • Definitions — display OPN definitions for capture modules or message fields from the Analysis Grid viewer or Details tool window context menu, respectively.

Important for Network Monitor Users  Message Analyzer dramatically extends the network traffic diagnostics and analysis capabilties of Network Monitor, however, some Network Monitor features such as process name correlation and WiFi tracing are not yet fully implemented in Message Analyzer. For a high-level comparison of several Message Analyzer and Network Monitor features and why new approaches have been taken for capturing, displaying, and analyzing message traffic, see the Blog article Message Analyzer: Why so different from Network Monitor?.

Was this page helpful?
(1500 characters remaining)
Thank you for your feedback
© 2014 Microsoft