google / UIforETW

User interface for recording and managing ETW traces
https://randomascii.wordpress.com/2015/04/14/uiforetw-windows-performance-made-easier/
Apache License 2.0
1.55k stars 201 forks

UIforETW should record and display TraceLogging events #84

Closed randomascii closed 7 years ago

randomascii commented 8 years ago

https://msdn.microsoft.com/en-us/library/windows/desktop/dn904636(v=vs.85).aspx

TraceLogging is the new Windows 10 event tracing framework for user-mode applications and kernel-mode drivers. TraceLogging builds on Event Tracing for Windows (ETW) and provides a simplified way to instrument code.

randomascii commented 8 years ago

See also EventWriteString https://msdn.microsoft.com/en-us/library/windows/desktop/aa363750(v=vs.85).aspx

letmaik commented 7 years ago

What's the status on this? I somehow thought that this would automagically work since it is based on ETW.

randomascii commented 7 years ago

It is probably a matter of tweaking UIforETW so that it records the appropriate provider - ETW tracing requires that you opt-in to each provider you want to record. I have not checked to see what provider is needed.

You can try this yourself by going to settings and adding to the "Extra kernel flags" or "Extra user mode providers" fields.

letmaik commented 7 years ago

Ah, that was easy. I just copied my provider GUID into the "Extra user mode providers" field and everything worked perfectly. I guess nothing is really missing in UIforETW except maybe a note in the README or something.

On 23/01/2017 18:09, Bruce Dawson wrote:

It is probably a matter of tweaking UIforETW so that it records the appropriate provider - ETW tracing requires that you opt-in to each provider you want to record. I have not checked to see what provider is needed.

You can try this yourself by going to settings and adding to the "Extra kernel flags" or "Extra user mode providers" fields.


randomascii commented 7 years ago

Is it a custom provider GUID? If you could write a note for the README that would be appreciated - I'm not sure when I'll get to it.

mwinterb commented 7 years ago

For TraceLogging, the GUID is based on each provider name; there's a link to a C# app + source at the blog below that has the translation: https://blogs.msdn.microsoft.com/dcook/2015/09/08/etw-provider-names-and-guids/

Maybe UIforETW could follow WPR's translation convention? "Support for this convention has been added to WPR. Normally, you provide WPR with the provider’s GUID, but if you generated the provider GUID using the EventSource algorithm, you can instead provide the friendly name to WPR prefixed with an asterisk, e.g. “*MyProviderName”."

randomascii commented 7 years ago

Good idea. That would be a great convenience feature. I still don't know when I'll get to it (some day...) but pull requests are welcome.

letmaik commented 7 years ago

I just tested that. I regenerated the GUID for my app using the tool in the blog post and now I can use the name as *MyProvider in the "Extra user mode providers" field. Not much convenience missing I'd say. You just have to remember the asterisk.

mwinterb commented 7 years ago

It looks like the older xperf.exe's don't support the convention, and while TraceLogging as an API was added with the Windows 10 SDK, the emitted events can still be captured on older OS's (at least Server 2K8 R2) with the GUID.

@randomascii it seems better to always do the translation rather than base it on OS / xperf version. Do you agree? And related to that, do you know if there are any illegal characters in provider names? Preferably '+'?

randomascii commented 7 years ago

Resolved by a68459bd41565a5ddc2c7c5ec1de64a02e460e26 I believe?
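
The name-to-GUID translation discussed in this thread, as an added example that is not part of the issue or of UIforETW's code: a Python sketch of the EventSource name-hashing algorithm, plus a hypothetical `resolve_provider` helper that expands `*Name` entries into a GUID that older xperf versions can also accept. The namespace bytes and steps follow .NET's EventSource name hashing; the function names are hypothetical, the sample GUID is constructed, and Python's `upper()` is assumed to match .NET's invariant upper-casing (true for ASCII names).

```python
import hashlib
import uuid

# Namespace prefix that .NET EventSource prepends before hashing a provider name.
_ETW_NAMESPACE = bytes.fromhex("482C2DB2C39047C887F81A15BFC130FB")


def provider_guid_from_name(name: str) -> uuid.UUID:
    """Derive the provider GUID that EventSource/TraceLogging computes from a name."""
    if not name:
        raise ValueError("provider name must not be empty")
    # Names are case-insensitive: upper-case, then encode as UTF-16 big-endian.
    data = _ETW_NAMESPACE + name.upper().encode("utf-16-be")
    digest = bytearray(hashlib.sha1(data).digest()[:16])
    # Stamp the high nibble of byte 7 with 5 (name-based GUID marker).
    digest[7] = (digest[7] & 0x0F) | 0x50
    # .NET's Guid(byte[]) reads the first three fields little-endian.
    return uuid.UUID(bytes_le=bytes(digest))


def resolve_provider(entry: str) -> str:
    """Expand a '*Name' entry to its GUID; pass anything else through unchanged.

    Hypothetical helper for illustration, not UIforETW's implementation.
    """
    entry = entry.strip()
    if entry.startswith("*"):
        return str(provider_guid_from_name(entry[1:])).upper()
    return entry


if __name__ == "__main__":
    # Constructed inputs: two spellings of one name, and a made-up literal GUID.
    samples = ("*MyProvider", "*MYPROVIDER", "01234567-89ab-cdef-0123-456789abcdef")
    for sample in samples:
        print(f"{sample:40} -> {resolve_provider(sample)}")
```

Because the name is upper-cased before hashing, `*MyProvider` and `*MYPROVIDER` resolve to the same GUID, while an entry without the asterisk is handed on untouched.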