microsoft krabsetw issues

microsoft / krabsetw

KrabsETW provides a modern C++ wrapper and a .NET wrapper around the low-level ETW trace consumption functions.

Other

577 stars 147 forks source link

issues

Newest

Newest Most commented Recently updated Oldest Least commented Least recently updated

Align assembly version with package version.

#239 HydrophobicMinghao closed 3 weeks ago
0
Could not load Microsoft.O365.Security.Native.ETW in C# .NET 6.0

#238 gleen-code closed 3 weeks ago
2
Getting PMC data

#237 SpencerTSmith closed 1 month ago
1
Update package versions and release notes.

#236 HydrophobicMinghao closed 1 month ago
1
Missing events when event burst happen even after setting the EVENT_TRACE_PROPERTIES to large number of buffers?

#235 subvert0r opened 1 month ago
3
Add Windows ARM64 port for managed wrappers.

#234 HydrophobicMinghao closed 1 month ago
3
NuGet feeds are not compliant with NuGet feed security requirements

#233 matt-vanderkolk closed 2 months ago
1
Couldn't installed KrabsETW nuget package via Visual Studio 2022

#232 KnightChaser opened 3 months ago
0
Fix errors in clang

#231 gmh5225 closed 3 months ago
1
both Windows XP and Windows 2008 support ETW. Why not support these two systems?

#230 zhuxiujia opened 5 months ago
1
Does krabs etw handle trace closure in case of program crash? Can it cause a problem in enabling and starting the same session again?

#229 subvert0r closed 5 months ago
2
Can't query providers infomation using logman when setup a kernel trace using krabs::kernel::virtual_alloc_provider provider.

#228 Cishanduwang closed 5 months ago
1
Create testfile.md

#227 x86phil closed 5 months ago
0
Stability fixes in native code

#226 starix opened 5 months ago
0
Why Service Control Manager provider doesn't generate any event id?

#225 subvert0r opened 5 months ago
2
Possible ways to protect ETW trace sessions from getting stopped?

#224 subvert0r closed 6 months ago
1
Does krabs c++ library support c++11? What about v120 platform toolset?

#223 subvert0r closed 5 months ago
1
Expose ExtendedData

#222 ps1337 opened 6 months ago
1
Ability to control EVENT_FILTER_DESCRIPTOR

#221 ps1337 opened 6 months ago
1
Benefits and drawbacks of using a kernel_trace vs a user_trace for consuming an event which is in both?

#220 subvert0r closed 6 months ago
5
Correct way for copying every info related to a given event in my event callback and passing it to another thread?

#219 subvert0r closed 6 months ago
1
No proper explanation for kernel_trace vs user_trace?

#218 subvert0r closed 6 months ago
3
Errors in file code

#217 S-p-y-C opened 8 months ago
0
need support vs2022

#216 WangHHY19931001 opened 9 months ago
0
#214

#215 kaaleksandr closed 9 months ago
3
Add out type for the property (_TDH_OUT_TYPE)

#214 kaaleksandr closed 9 months ago
1
[Help] i use c++ 11 and i create a payload filter then failed , status = ERROR_NOT_FOUND

#213 ShiverZm opened 11 months ago
0
The object_manager_provider does not support DuplicateHandle events

#212 jstarink opened 1 year ago
1
Parsing .NET EventSource

#211 bobsira opened 1 year ago
1
Add a trace interface to enable ignoring MOF events

#210 acyr opened 1 year ago
2
Add a method to return the provider GUID from a given schema

#209 acyr closed 1 year ago
0
How to get the user mode call stack

#208 slayercat opened 1 year ago
0
Add trace parsing from a file instead of realtime

#206 acyr closed 1 year ago
2
Expose ExtendedData in a more general way.

#205 kylereedmsft opened 1 year ago
0
add call stack enrichment to the C# example

#204 jdu2600 closed 1 year ago
0
heap alloc etw don't work

#203 chena1982 opened 1 year ago
1
Use krabsetw to detect .Net memory loading

#202 findream opened 1 year ago
0
"no_trace_sessions_remaining" exception

#201 findream closed 1 year ago
1
Possible race condition

#200 daladim opened 1 year ago
1
Kernel image load event stackwalk not work

#199 0xhellord opened 1 year ago
0
update test run settings

#198 henriblMSFT closed 1 year ago
0
This repo is missing important files

#197 microsoft-github-policy-service[bot] closed 1 year ago
0
Adding Microsoft SECURITY.MD

#196 microsoft-github-policy-service[bot] closed 1 year ago
0
Question: possible inconsistency between schema, schema_key and the MS doc

#195 daladim opened 1 year ago
1
build and package krabs etw with .net 6.0 support

#194 henriblMSFT closed 1 year ago
0
Wrong schema retrieval with TraceLogging events

#193 tomer-gavish opened 2 years ago
2
Service Control Manager

#192 Jondoe398 opened 2 years ago
2
add stack trace helpers (#26)

#191 jdu2600 closed 2 years ago
6
System.TypeInitializationException under .NET Framework 4.7.2 and 4.8

#190 securityfreax opened 2 years ago
0
Add option to specify timestamp type

#189 pierricgimmig opened 2 years ago
0