Microsoft originally offered the Microsoft Network Monitor, which was succeeded by the Microsoft Message Analyzer.

Unfortunately, Microsoft has discontinued the Microsoft Message Analyzer and removed its download links.

Currently, only the older Microsoft Network Monitor is available.


Of course, you can use third-party tools, such as Wireshark, for performing network captures.

Though some third-party tools may offer a better experience, Microsoft Network Monitor still holds its own.

Once you have Microsoft Network Monitor installed, go ahead and launch the program.


Once launched, you will select New Capture.

Next, you will want to start the monitoring by clicking on the Start button.

This will instantly start the capture and you will see conversations starting to show up on the left-hand side.


Additionally, if you have just installed this, you may need to reboot.

This makes specific processes much easier to find and then dive into.

One example of using a filter, is the

, under the DNS section of Standard Filters.


Building Filters

Creating filters, or modifying the built-in filters, is very easy.

Within the Display Filter field, there are several ways to construct filters.

Using the standard comparison operator of

we can see if certain values are equal.


We can even create multi-expressions using logic operators such as

and

.

An example of what this looks like is below.

There are also a few methods available, such as contains() and UINT8().


In the next section, we take a look at some more useful examples.

Verify that you have conversations turned on, as this filter depends on that functionality.

Within the Frame Details, each packet is broken up into its component parts.

On the opposite side is the Hex Details, which shows the raw bytes and decoding.

Conclusion

Performing network traces is very easy with the latest version of Windows.

Though Microsoft has opted to discontinue or deprecate their internally created tools, some still thrive.