Microsoft Message Analyzer Deprecation Notice RRS feed

  • General discussion

  • Microsoft Message Analyzer (MMA) will be retired and its download packages removed from microsoft.com sites on November 25 2019.  There is currently no Microsoft replacement for Microsoft Message Analyzer in development at this time.  For similar functionality, please consider using a 3rd party network protocol analyzer tool such as WireShark.
    Versions Affected
    Versions 1.4 and earlier.
    Reason for Deprecation
    Microsoft Message Analyzer was last released in October 2016 and has not been under active development since that date. There are no plans for further public releases of Microsoft Message Analyzer.
    If you already have Microsoft Message Analyzer installed, you may continue to use it, along with the OPN parsers you have already downloaded. However, after November 25 2019, no versions of Microsoft Message Analyzer will be made available for public download on Microsoft.com sites and you will no longer be able to download OPN parsers.
    If you don’t already have Microsoft Message Analyzer installed, install it now before November 25 2019 from https://www.microsoft.com/en-us/download/details.aspx?id=44226.  
    If you already have Microsoft Message Analyzer installed, download the latest OPN parser packages before November 25 2019 by following the steps at https://docs.microsoft.com/en-us/message-analyzer/managing-microsoft-opn-parser-packages.

    Forum Moderator

    Wednesday, October 9, 2019 11:14 PM

All replies

  • Hello Althea! 

    Is there any chance that the software could be open sourced? I tend to rely on wireshark for quick and dirty tasks, but there are some things it simply can't do that MMA can. I have not found it's equal yet, and it would be a pretty great tool to lose.


    Friday, October 18, 2019 3:25 AM
  • Hi James,

    At this time there are no plans to open source MMA. 

    // I tend to rely on wireshark for quick and dirty tasks, but there are some things it simply can't do that MMA can.//

    What are your top 2-3 things? 

    Thanks for the feedback!



    Forum Moderator

    Tuesday, October 22, 2019 3:27 AM
  • So I just found out about the deprecation today, when I launched MMA.

    I only learned about MMA about 6 months ago.

    I don't use it often, but it's quite valuable when you need it - especially as it supports so many different file types, and lets you try and correlate events in time.

    Please re-consider, at least put the installers back up, and I agree, why not open source it if at all possible. (I mean, freaking Powershell is now open sourced...)

    If anyone knows of a comparable product/software, please post here!

    --Seek Truth, and you will find Joy!

    Tuesday, December 10, 2019 7:30 PM
  • Microsoft Message Analyzer is an invaluable tool and it's very difficult to replace all of its functionality! Please re-consider open-sourcing MMA if at all possible, or at least allowing installer download.
    Friday, January 31, 2020 9:07 PM
  • So here I am trying to diagnose why USB drives keep dropping off my Win 2016 server. Looks like this tool would be the best way to find the problem, which doesn't appear to be a hardware issue (drives work fine on other systems). Of course it isn't available anymore. So much for diagnostics in the OS.
    Thursday, March 12, 2020 8:20 PM
  • What are we supposed to use to analyze ETL files from `netsh trace`?
    Thursday, April 9, 2020 9:45 PM
  • Hi,

    You can use this tool to convert ETL format files to pcapng format files that Wireshark can analyze:




    Forum Moderator

    Friday, April 10, 2020 7:35 AM
  • Thank you.
    Friday, April 10, 2020 4:35 PM
  • "What are your top 2-3 things? "

    Same what Network monitor is able to do, filter by process id.

    Also as the name says: "message analyzer", it is able to analyze other logs as well e.g. IIS logs. Why you need to have ten different software's?

    So I really feel that decision to not continue developing it was not the perfect idea.

    Try to make Fenix to fly again :)


    Monday, May 25, 2020 2:06 PM
  • <sigh>  This is terrible news. 

    I just found this thread while validating the download link for a class I was going to teach to internal company IT engineers.  I've used Message Analyzer for years and found it to be an invaluable tool for investigating and analyzing much more than network layer traffic.

    Although using an .etl to pcap conversion to look at netsh captured network traffic is helpful - I often use the output from ETW Providers to troubleshoot HTTPS communication between two web services.  Since our servers are using Elliptic Curve Ciphers - the data cannot be decrypted using the certificate.  I rely on the higher level ETW provider data to view the HTTP data pre & post encrypted.

    I've worked with many MS higher level tools, such as windbg, message analyzer, etc & find it hard to believe L3 engineers & Field Engineers are being left without such a tool at their disposal.

    I certainly hope this is either open sourced, replaced, or revived - this is truly disappointing.


    Thursday, May 28, 2020 2:06 PM
  • I find it incredible that Microsoft abandons good tools like this.

    What is your suggestion for reading netsh trace ETL files?  I use the built-in Windows network trace function quite often.  Wireshark does not read them and netsh cannot dump to a standard capture file format.  Wireshark also does not read the CAB file information that is collected.
    Friday, July 10, 2020 8:30 PM
  • Hi mctstone,

    Check this for opening ETL files on WireShark:

    Converting ETL Files to PCAP Files


    Monday, July 27, 2020 10:20 AM