Message Analyzer is an expert-oriented tool for capturing, displaying and analyzing many types of network and system messages and activities (network traffic, files, Windows Event Logs, USB traffic and more).

This data may be filtered and presented in grids, charts, graphs, timelines and more.

While the program is aimed at developers and system admins, anyone who's happy using tools like Sysinternals Process Monitor could also find it useful.

To get started on Windows 8.1 or later, launch Microsoft Message Analyzer as an administrator and click the "Local Network Interfaces..." scenario. This tells the program you want to capture local network and internet traffic.

The program opens a tab for your new session, then starts capturing and displaying details in a grid. Toolbar buttons allow pausing, stopping or restarting captures with a click.

Open a browser, collect emails, run some other web-related software, scroll down the grid and you'll see source and destination addresses, traffic types and more.

When you're happy there's enough information to explore, click Stop to stop the capture.

The grid is immediately useful as a report of network and internet activity during the capture time.

There's also a message stack which displays the sequence of events.

Clicking a particular message (HTTP, for instance) drills down to the raw details: URI, HTTP version, header, content-type and so on.

The grid will have a lot of data, but filters help you zoom in on whatever you need. If you've found an interesting destination IP address, for instance, right-click it and select "Add Destination to filter". This updates the filter box above the grid, and if you click "Apply" then only traffic with that IP address will be displayed.

When you've had enough of scrolling through the grid, click Sessions > New Viewer > Chart for all kinds of traffic-related analyses and graphs. Click Default, for instance, and a bar chart appears showing protocol types. You can drill down here, too, perhaps double-clicking "TCP" to view a grid of only TCP traffic.

Alternatively, if you just want to save the data, click Session > Analysis Grid > Export to save the traffic as CSV.
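As an added example (not part of the original review or of Message Analyzer itself), the destination filter and the protocol chart described above can be reproduced offline on the exported CSV. The column names and the sample rows are assumptions constructed for illustration; match them to the header row of a real export.

```python
import csv
import io
from collections import Counter, defaultdict

# Constructed sample standing in for an exported Analysis Grid CSV.
# Column names are assumptions; match them to your export's header row.
SAMPLE_CSV = """\
MessageNumber,Timestamp,Source,Destination,Module,Summary
1,2015-03-01T10:00:00,192.0.2.10,198.51.100.7,TCP,SYN
2,2015-03-01T10:00:01,192.0.2.10,198.51.100.7,HTTP,GET /index.html
3,2015-03-01T10:00:02,198.51.100.7,192.0.2.10,HTTP,200 OK
4,2015-03-01T10:00:03,192.0.2.10,203.0.113.53,DNS,Query example.test
5,2015-03-01T10:00:04,203.0.113.53,192.0.2.10,DNS,Response example.test
6,2015-03-01T10:00:05,192.0.2.10,198.51.100.7,TCP,FIN
"""

REQUIRED = ("Source", "Destination", "Module")

def load_rows(text):
    """Parse the export, tolerating a UTF-8 BOM, and check needed columns."""
    reader = csv.DictReader(io.StringIO(text.lstrip("\ufeff")))
    missing = [c for c in REQUIRED if c not in (reader.fieldnames or [])]
    if missing:
        raise ValueError(f"export lacks columns: {missing}")
    return list(reader)

def filter_destination(rows, address):
    """Offline equivalent of 'Add Destination to filter' followed by Apply."""
    return [r for r in rows if r["Destination"].strip() == address]

def protocol_counts(rows):
    """Message count per protocol module, the data behind the bar chart."""
    return Counter(r["Module"].strip() for r in rows)

def protocols_by_destination(rows):
    """Per-destination protocol breakdown, to spot unexpected endpoints."""
    table = defaultdict(Counter)
    for r in rows:
        table[r["Destination"].strip()][r["Module"].strip()] += 1
    return table

if __name__ == "__main__":
    rows = load_rows(SAMPLE_CSV)
    print(protocol_counts(rows).most_common())
    for dest, mods in sorted(protocols_by_destination(rows).items()):
        print(dest, dict(mods))
    print(len(filter_destination(rows, "198.51.100.7")), "messages to 198.51.100.7")
```

To run it on a real export, read the file's text and pass it to `load_rows` in place of `SAMPLE_CSV`.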

Verdict

Microsoft Message Analyzer is a vast application which enables collecting, browsing and drilling down into all kinds of low-level system traffic and messages. It's very much for Windows experts, but if you're comfortable using tools like Sysinternals Process Monitor then you'll get at least something from the program.