Upload File

message analyzer parsers for sql...value definition mapping showing not only the parsed data in ui,...

  • Home
  • Documents
  • Message Analyzer Parsers for SQL...Value definition Mapping Showing not only the parsed data in UI, but also the definition behind the data which is defined in Microsoft open specification
27

Upload: others

Post on 03-Sep-2020

43 views

Category:

Documents


0 download

Report

TRANSCRIPT

Page 1: Message Analyzer Parsers for SQL...Value definition Mapping Showing not only the parsed data in UI, but also the definition behind the data which is defined in Microsoft open specification
Page 2: Message Analyzer Parsers for SQL...Value definition Mapping Showing not only the parsed data in UI, but also the definition behind the data which is defined in Microsoft open specification

Message Analyzer Parsers for SQL

Lin Dong

SQL OIPI Test Development Team

Page 3: Message Analyzer Parsers for SQL...Value definition Mapping Showing not only the parsed data in UI, but also the definition behind the data which is defined in Microsoft open specification

Agenda

Message Analyzer Overview

Exploring the Message Analyzer UI

Message Analyzer Parser Overview

SQL Parsers with Message Analyzer

Resource

1

2

3

4

5

Page 4: Message Analyzer Parsers for SQL...Value definition Mapping Showing not only the parsed data in UI, but also the definition behind the data which is defined in Microsoft open specification

▅ Can be used to capture, display, analyze protocol

messaging traffic

▅ Captured info can be:

▪ Used for network diagnostics, protocol validation/analysis

etc.

▪ Saved for later processing

▅ Can save traffic info as .MATP or a .CAP

▅ Can track local traffic, or traffic to and from remote

machines

Message Analyzer Overview

Page 5: Message Analyzer Parsers for SQL...Value definition Mapping Showing not only the parsed data in UI, but also the definition behind the data which is defined in Microsoft open specification

Message Analyzer Overview

Supported Input Source

.cap .pcap .log .evtx

SQL Azure Blob Powershell

And more!

Page 6: Message Analyzer Parsers for SQL...Value definition Mapping Showing not only the parsed data in UI, but also the definition behind the data which is defined in Microsoft open specification

Message Analyzer Overview

Network Administrator

Network troubleshooting and analysis.

Network Support Analyst

Help Desk scenarios: capture data for

clients or to aggregate log and trace data

from multiple sources and different time

zones for analysis.

Protocol Developer

Generates network protocol code and uses

Message Analyzer as a validator of

protocol behavior, architecture, message

field values, and state.

Event Tracing Developer

Instruments applications with ETW

technology and uses Message Analyzer to

capture the events from ETW providers.

Tracer

Typically a client who is experiencing issues

in some area and is requested to take a

trace for in-depth analysis by a Network

Administrator or Support Analyst.

Message

Analyzer

User Roles

Page 7: Message Analyzer Parsers for SQL...Value definition Mapping Showing not only the parsed data in UI, but also the definition behind the data which is defined in Microsoft open specification

Message Analyzer Overview

https://www.microsoft.com/en-us/download/details.aspx?id=44226

https://www.microsoft.com/en-us/download/details.aspx?id=44226
Page 8: Message Analyzer Parsers for SQL...Value definition Mapping Showing not only the parsed data in UI, but also the definition behind the data which is defined in Microsoft open specification

Exploring the Message Analyzer UI

Page 9: Message Analyzer Parsers for SQL...Value definition Mapping Showing not only the parsed data in UI, but also the definition behind the data which is defined in Microsoft open specification

Exploring the Message Analyzer UI

Page 10: Message Analyzer Parsers for SQL...Value definition Mapping Showing not only the parsed data in UI, but also the definition behind the data which is defined in Microsoft open specification

Exploring the Message Analyzer UI

Page 11: Message Analyzer Parsers for SQL...Value definition Mapping Showing not only the parsed data in UI, but also the definition behind the data which is defined in Microsoft open specification

Exploring the Message Analyzer UI

TCP.Port == 80

TCP.Port != 3389 // Remove RDP

*PayloadLength > 1000

(TCP.Port == 1234 and HTTP) or SMB

IPv4.Address == 192.168.1.1

Page 12: Message Analyzer Parsers for SQL...Value definition Mapping Showing not only the parsed data in UI, but also the definition behind the data which is defined in Microsoft open specification

Message Analyzer Parser Overview

OPN Parser

Saved Message Capture File

Page 13: Message Analyzer Parsers for SQL...Value definition Mapping Showing not only the parsed data in UI, but also the definition behind the data which is defined in Microsoft open specification

Message Analyzer Parser Overview

Parsing the raw data based on the message syntax defined in Microsoft open

specification.

Recognize those messages belong to Specific protocols.

Value definition MappingShowing not only the parsed data in UI, but also the definition behind the data

which is defined in Microsoft open specification.

Reassemble packets in to a long message.

Decoding encoded stream to make it human-readable.

Beyond the message syntax validation, parsers can also provide the protocol level

restriction validation.

Value definition Mapping

Page 14: Message Analyzer Parsers for SQL...Value definition Mapping Showing not only the parsed data in UI, but also the definition behind the data which is defined in Microsoft open specification

Message Analyzer Parser Overview

Parsing the raw data based on the message syntax defined in Microsoft open

specification.

Recognize those messages belong to Specific protocols.

Value definition

MappingShowing not only the parsed data in UI, but also the definition behind the data

which is defined in Microsoft open specification.

Reassemble packets in to a long message. Length = 0x07

Name=

0x4C697361Age = 0x10

E4074C69736110

E4 07 4C697361 10

Decoding encoded stream to make it human-readable.

Type = Person

Length = 6

Name = Lisa

Age = 16

Beyond the message syntax validation, parsers can also provide the protocol level

restriction validation.

Value definition Mapping

Type = 0xE4

Page 15: Message Analyzer Parsers for SQL...Value definition Mapping Showing not only the parsed data in UI, but also the definition behind the data which is defined in Microsoft open specification

Message Analyzer Parser Overview

Windows Parsers

Office and SharePoint

Parsers

Exchange, SkypeParsers

SQL Parsers

Core and Common Parsers

Microsoft Message Analyzer (MMA)

Page 16: Message Analyzer Parsers for SQL...Value definition Mapping Showing not only the parsed data in UI, but also the definition behind the data which is defined in Microsoft open specification

What SQL Protocol Parsers does MA provide?

Network Connectivity and Application Development parser package

covers 1 protocol (was released in Microsoft Common)◼ MS-TDS

Analysis Services parser package covers 2 protocols (Newly Released)◼ MS-SSAS

◼ MS-SSAS-T

SQL Parsers with Message Analyzer

Page 17: Message Analyzer Parsers for SQL...Value definition Mapping Showing not only the parsed data in UI, but also the definition behind the data which is defined in Microsoft open specification

SQL Parsers with Message Analyzer

▅ Get MA SQL parsers

Windows Parsers

Core and Common Parsers

Microsoft Message Analyzer (MA)

MS-TDS Parser

Page 18: Message Analyzer Parsers for SQL...Value definition Mapping Showing not only the parsed data in UI, but also the definition behind the data which is defined in Microsoft open specification

SQL Parsers with Message Analyzer

▅ Get MA SQL parsers

Windows Parsers

Core and Common Parsers

Microsoft Message Analyzer (MA)

MS-TDS Parser

SQL Parsers

Page 19: Message Analyzer Parsers for SQL...Value definition Mapping Showing not only the parsed data in UI, but also the definition behind the data which is defined in Microsoft open specification

SQL Parsers with Message Analyzer

▅ Get MA SQL parsers

Page 20: Message Analyzer Parsers for SQL...Value definition Mapping Showing not only the parsed data in UI, but also the definition behind the data which is defined in Microsoft open specification

SQL Parsers with Message Analyzer

▅ Get MA SQL parsers

Page 21: Message Analyzer Parsers for SQL...Value definition Mapping Showing not only the parsed data in UI, but also the definition behind the data which is defined in Microsoft open specification

SQL Parsers with Message Analyzer

▅ Get MA SQL parsers

C:> Users > [UserName] > AppData > Local > Microsoft > MessageAnalyzer > OPNAndConfiguration > OPNs

Page 22: Message Analyzer Parsers for SQL...Value definition Mapping Showing not only the parsed data in UI, but also the definition behind the data which is defined in Microsoft open specification

Demo

See the difference comparing parsing result with and without MSSSAS OPN.

Demo

Page 23: Message Analyzer Parsers for SQL...Value definition Mapping Showing not only the parsed data in UI, but also the definition behind the data which is defined in Microsoft open specification

Demo

Without SQL Parser

Page 24: Message Analyzer Parsers for SQL...Value definition Mapping Showing not only the parsed data in UI, but also the definition behind the data which is defined in Microsoft open specification

Demo

WithSQL Parser

Page 25: Message Analyzer Parsers for SQL...Value definition Mapping Showing not only the parsed data in UI, but also the definition behind the data which is defined in Microsoft open specification

Resources

Microsoft Message Analyzer Operating Guide

Microsoft Message Analyzer download

Message Analyzer Tutorial

SQL Server Technical Documents

Interop Events website

https://docs.microsoft.com/en-us/message-analyzer/microsoft-message-analyzer-operating-guide
https://www.microsoft.com/en-us/download/details.aspx?id=44226
https://docs.microsoft.com/en-us/message-analyzer/message-analyzer-tutorial
https://docs.microsoft.com/en-us/openspecs/sql_server_protocols/ms-sqlprotlp/3432cb95-3f91-446d-86d7-b9ea0816464e
https://interopevents.com/
Page 26: Message Analyzer Parsers for SQL...Value definition Mapping Showing not only the parsed data in UI, but also the definition behind the data which is defined in Microsoft open specification
Page 27: Message Analyzer Parsers for SQL...Value definition Mapping Showing not only the parsed data in UI, but also the definition behind the data which is defined in Microsoft open specification

Generating Parsers With Javacc

Xml parsers

Innovile GPEH and PCHR parsers

Using the Penn Parsed Corpora of Historical English …kroch/handouts/Waseda-PPCHE...automatic parsing and parsing correction. Annotation software Available parsed corpus resources

Parsers - Elsevier€¦ · Section 3.3 introduces top-down parsing in the form of recursive-descent parsers and ll(1) parsers. Section 3.4 examines bottom-up parsing as exemplified

Scala parsers Error Recovery in Production

Introduction - arXiv · data-manipulation. For instance, the Web is built on parsers. The HyperText Transfer Protocol (HTTP) is a parsed dialog between the client, or browser, and

Features of Statistical Parsers - Macquarie Universityweb.science.mq.edu.au/~mjohnson/papers/ms-uw06talk.pdf · Features of Statistical Parsers Mark Johnson ... • Could the two

Writing Parsers and Compilers with PLY

Parsed documents from the Oviedo Cathedral Archive (13th

2301373Semantic Analysis1 Checking what parsers cannot

Parsers, Scanners & Regular Expressions

Attribute Grammars and Parsers for Chunk-Based Binary …perpos.gtri.gatech.edu/...Attribute_Grammars_and_Parsers_for_Chunk... · Attribute Grammars and Parsers for Chunk-Based Binary

Lecture 15: Parsers - California State Polytechnic ...patriceb/CS352S17-Lecture15 Parsers (Slides).pdf · Lecture 15 Haskell IO Revisited Creating Parsers in Haskell. Haskell IO

NATURAL LANGUAGE PARSERS - uni-heidelberg.dehellwig/pars04.pdf · The definition of parsing depends on the discipline that is involved. ... The algorithm is based exclusively on the

( LR(0), SLR, CLR and LALR Parsers) Bottom Up Parsing - LR ...€¦ · Bottom Up Parsing - LR parsers ( LR(0), SLR, CLR and LALR Parsers) LR parsers are non-recursive, shift reduce

Exploring Karuk morphology in a parsed text corpus

Compiladores Parsers Parsers Predictivos, LL(0), LL(k), Parsers shift-reduce, Construcción de un Parser LL(0)

XML Parsers By Chongbing Liu. XML Parsers What is a XML parser? DOM and SAX parser API Xerces-J parsers overview Work with XML parsers (example)

Streaming APIs for XML Parsers

Message Analyzer Parsers for SQL - Microsoft

Streaming APIs for XML Parsers - Oracle · make them available over the Web by utilizing XML. To use this XML meaningfully in an application, it needs to be parsed and the relevant

Recursive Descent Parsers

How Parsers and Compilers Work

Implementing LR Parsers

Lexical Analyzers and Parsers

ANNOTATION FOR ALLps.clul.ul.pt/files/Papers-Congressos-PDFs/MagroAnnotationForAll.pdf · Japanese (NPCMJ) Portuguese parsed corpora Audio-Aligned and Parsed Corpus of Appalachian

A TESTING STRATEGY FOR HTML5 PARSERS

PetitParser: Building Modular Parsers

Lexers, parsers, JavaCC: update. - Respuesta Digital

LR PARSERS

LR Parsers - E-STUDYthirdyearengineering.weebly.com/uploads/3/8/2/8/... · LR Parsers Most powerful shift-reduce parsers and yet efficient. LR(k) parsing L : left to right scanning

Comparing Java XML Parsers Ver1 0

THE spdf ELECTRON ORBITAL MODEL PARSED

Compiler CompilerTutorial - Faculty of ICT Maltasspi3/CSA2010_Tutorials-Part1.pdf · 2010-03-17 · Javacc A compiler that creates Parsers / Compilers The source code is a definition