Developing Parsers for Network Monitor

The Network Parsers in Microsoft Network Monitor are one of the key components for analyzing network data. They allow the user to see a breakdown of the data being sent over the network and allow other tools to find that data quickly and easily.

A lot of work has already been done on general public protocols and the protocols of many windows products. However, the number of protocols being created is always increasing and there will always be a need to add more protocols to our parser set.

Parser Request
If you are in need of a parser for a specific protocol, please let us know by filling a bug request but by using the Title "Parser Request: Protocol Name". If you are a member of our CodePlex project, please also flag the Type of issue as a "Feature" and the Component as "Parser Request".

In your Description please justify the need for this parser and attach a capture file containing some sample capture data (be aware this information is public). Finally, set the Priority (as well as mentioning in the description) to reflect the need for this protocol based upon the timeline estimates in our Bug Filing section.

Parser Submission
Better yet, if you have a protocol you've developed we'd love to know about it and talk with you about including it in our parser set (barring any legal issues). To let us know you have a protocol developed, use the same process as filling a bug; however, use the Title "Parser Submission: Protocol Name". Again, if you are a member of our CodePlex project, please flag the Type of issue as a "Feature" and the Component as "Parser Submission".

In your Description please justify the inclusion of your parser and if there are any private holds on the protocol and provide links to the protocol specification. Also, please ensure that you are able to be contacted through CodePlex so we can start a dialog with you about obtaining the parser and including it, please do not attach it to your request. We'd like to ensure there are no possible conflicts with your submission request before proceeding. We'll get back to you as soon as we can.

If you have any questions regarding our processes, please don't hesitate to contact us and post in our discussions forum.

Parser Development
The great thing about Microsoft Network Monitor is that all the parsers' source is included out of the box. Just click on the "Parsers" tab in the UI and off you go. You'll have access to over 300 protocol parsers (be sure to turn off stubs in the Options dialog to see the Windows parsers). Feel free to use these examples to learn more. In addition, you have the Parser Development manual accessible from Help->NPL and API documentation.

Tutorials
  • Guided Introduction - A tutorial has been posted for writing parsers. It demonstrates a basic introduction to parser development through a guided example parser. Please feel free to download the PDF here: Tutorial, Writing a Parser from Wire to Window.

As things progress, I'm sure we'll post more information here, and again please don't hesitate to contact us and post in our discussions forum.

Last edited Jan 12, 2010 at 8:13 PM by PaulLong, version 5

Comments

No comments yet.