Microsoft Message Analyzer has been released to the public, available here:
As you might guess from the name, Message Analyzer is much more than a network sniffer or packet tracing tool. Key capabilities include:
- Integrated "live" event and message capture at various system levels and endpoints
- Parsing and validation of protocol messages and sequences
- Automatic parsing of event messages described by ETW manifests
- Higher-level display of operations->messages->packets
- User controlled "on the fly" grouping by message attributes
- Ability to browse for logs of different types (.cap, etl, txt) and import them together
- Automatic re-assembly and ability to render payloads
- Ability to import text logs, parsing them into key element/value pairs
- Support for “Trace Scenarios” (one or more message providers, filters, and views)
We are providing this beta release to give you an opportunity to let us know what you like and don’t like and where we need to focus our energy as we drive towards a mid-2013 RTM date.
Please install, take it for a spin, and send us your thoughts! There are “Report Issue” and “Community” buttons built into the ribbon, and we have a new blog here: http://blogs.technet.com/messageanalyzer.
(To capture at the NDIS and Firewall layers without running as admin, you must log off and back on after installation to pick up the necessary credentials. Please do this!)
--> Please see the Connect Page : https://connect.microsoft.com/site216