Introduction:

Microsoft Network Monitor is a tool distributed through Microsoft as a free download. It is used for monitoring network traffic and can come with parsers for analyzing what is captured. It is not limited to analyzing a single application’s traffic. There are also multiple views for interpreting the network traffic. After a started ‘capture’ is completed, it may help to parse the results.

Requirements:

Microsoft Network Monitor download/install and Log Parser download/install (both are available from Microsoft’s Download Center)

Procedure:

Start and complete a ‘capture’ in Microsoft Network Monitor. Go to File -> Save As… and save the data as a .cap (capture) file. Make note of the file’s directory and name.
Open up Log Parser and view the help information. Then, type a command to convert the file to a .csv file for easy parsing. Your command may be similar to:

LogParser -i:netmon -o:csv "select * into C:\Path\outputFile.csv from C:\Path\originalFile.cap"

class=”howToCodeBlock”>

The syntax is slightly SQL-like. With the appropriate file paths written for the input (.cap) and output (.csv) files, you will have a .csv file conversion as a result.
Finally, you can use a method of your choice to parse the .csv file for data analysis.

More Information:

See the Log Parser help screen when you first launch the application.