Technology Overview i17

  • Article

Introduction
This topic contains a brief and high-level overview of Message Analyzer technologies. The intent of this topic is to provide background information to help you understand various Message Analyzer concepts, functions, and capabilities. In other terms, you might consider this material as an introduction to prepare for the Technology Tutorials later in this section. The knowledge that you acquire here should enable a better understanding of how to use the Message Analyzer user interface features, in addition to the reason why you would use them.

Possible Topics:

PEF and ETW technologies; data retrieval, data capture, data viewers, and data analysis to load, capture, display, and analyze data; tools; local vs remote capture; static data, message providers (etw instrumentation), trace scenarios, filtering, assets, session viewer and navigation infrastructure, field column expansions, field correlations; viewer extensibility (using Chart-style data viewers with graphic visualizer components); stack level inspection points; field, stack, and hexadecimal details; operations; stack view compression; time shift correlations; diagnostics, viewpoints, annotating messages; decryption; pattern matching; layouts, grouping, session infrastructure and data sources.

Possible Snippets:

The Message Analyzer Analysis Grid is the primary data analysis surface, because it provides the interfaces in which you display, manipulate, and analyze Live Trace Session and Data Retrieval Session results

By default, the Session Explorer Tool Window also displays when you select the Home tab, and enables you to navigate among different viewers that are currently displaying session data. The Session Explorer window also enables you to select additional data viewers for any currently displayed session tab, by providing a right-click context menu from where you can select the different viewer types. For example, you could choose the Protocol Dashboard viewer, which has data visualizer components that display various graphical top-level summaries of captured message traffic.

The primary data viewer for Live Trace Session and Data Retrieval Session results on the Message Analyzer Home tab is the Analysis Grid Viewer, which displays by default unless you change the default viewer in the Options dialog or you specifically select a different data viewer when starting a New Session. The Analysis Grid viewer provides a tree grid type display of trace data where message traffic is grouped by top-level message and operation nodes that you can expand or double-click for further details. When you select a message row in the Analysis Grid viewer, detailed information about the message displays in the Details, Message Data, Field Data, and Message Stack Tool Windows, providing that they are open, to facilitate analysis of message fields, values, and stack layer data. Since the Analysis Grid viewer is the main interface that you will use to analyze message traffic, this environment is sometimes referred to in this documentation as an Analysis Session. However, an Analysis Session can also encompass other data viewers in separate session tabs, such as the Protocol Dashboard or Top IP/Ethernet Conversations viewers.

From the Message Analyzer Charts tab, you can create or modify Charts that contain graphic visualizer components for data analysis purposes, which includes bar charts, pie charts, timeline graphs in the x-y coordinate domain, and table grids. Message Analyzer provides numerous Chart data viewers by default, for example, the Top TCP/UDP Conversations and Top Talkers viewers. Message Analyzer enables you to create new Charts, or you can modify the default Chart viewers by removing visualizer components and/or adding your own custom components, layouts, and data mappings, as described in Configuring Chart Data Viewers. All the Chart viewers that Message Analyzer provides are described in the Data Viewers section.

The Charts tab provides access to various controls and dialogs that enable you to add new components, remove existing components, and create data mappings for new visualizer components. You can also use the Manage Charts dialog to export Charts, including any that you create, to a remote user file share or other location for sharing with other users. The Manage Charts dialog also enables you to import Charts that others create. In addition, you can share your Charts with others by creating your own custom subscriber feed in the Message Analyzer Sharing Infrastructure, with some current limitations regarding update synchronization on user-configured feeds, as described in Manual Item Update Synchronization.

More Information
To learn more about working with Message Analyzer UI features and functions, see the usage task sections of this documentation:

Starting a Message Analyzer Session
    Capturing Message Data
    Retrieving Message Data
Viewing Message Data
Filtering Message Data
Saving Message Data
Automating Tracing Functions with PowerShell
Managing Message Analyzer Assets
Extending Message Analyzer Data Viewing Capabilities