issues
search
microsoft
/
krabsetw
KrabsETW provides a modern C++ wrapper and a .NET wrapper around the low-level ETW trace consumption functions.
Other
577
stars
147
forks
source link
issues
Newest
Newest
Most commented
Recently updated
Oldest
Least commented
Least recently updated
Align assembly version with package version.
#239
HydrophobicMinghao
closed
3 weeks ago
0
Could not load Microsoft.O365.Security.Native.ETW in C# .NET 6.0
#238
gleen-code
closed
3 weeks ago
2
Getting PMC data
#237
SpencerTSmith
closed
1 month ago
1
Update package versions and release notes.
#236
HydrophobicMinghao
closed
1 month ago
1
Missing events when event burst happen even after setting the EVENT_TRACE_PROPERTIES to large number of buffers?
#235
subvert0r
opened
1 month ago
3
Add Windows ARM64 port for managed wrappers.
#234
HydrophobicMinghao
closed
1 month ago
3
NuGet feeds are not compliant with NuGet feed security requirements
#233
matt-vanderkolk
closed
2 months ago
1
Couldn't installed KrabsETW nuget package via Visual Studio 2022
#232
KnightChaser
opened
3 months ago
0
Fix errors in clang
#231
gmh5225
closed
3 months ago
1
both Windows XP and Windows 2008 support ETW. Why not support these two systems?
#230
zhuxiujia
opened
5 months ago
1
Does krabs etw handle trace closure in case of program crash? Can it cause a problem in enabling and starting the same session again?
#229
subvert0r
closed
5 months ago
2
Can't query providers infomation using logman when setup a kernel trace using krabs::kernel::virtual_alloc_provider provider.
#228
Cishanduwang
closed
5 months ago
1
Create testfile.md
#227
x86phil
closed
5 months ago
0
Stability fixes in native code
#226
starix
opened
5 months ago
0
Why Service Control Manager provider doesn't generate any event id?
#225
subvert0r
opened
5 months ago
2
Possible ways to protect ETW trace sessions from getting stopped?
#224
subvert0r
closed
6 months ago
1
Does krabs c++ library support c++11? What about v120 platform toolset?
#223
subvert0r
closed
5 months ago
1
Expose ExtendedData
#222
ps1337
opened
6 months ago
1
Ability to control EVENT_FILTER_DESCRIPTOR
#221
ps1337
opened
6 months ago
1
Benefits and drawbacks of using a kernel_trace vs a user_trace for consuming an event which is in both?
#220
subvert0r
closed
6 months ago
5
Correct way for copying every info related to a given event in my event callback and passing it to another thread?
#219
subvert0r
closed
6 months ago
1
No proper explanation for kernel_trace vs user_trace?
#218
subvert0r
closed
6 months ago
3
Errors in file code
#217
S-p-y-C
opened
8 months ago
0
need support vs2022
#216
WangHHY19931001
opened
9 months ago
0
#214
#215
kaaleksandr
closed
9 months ago
3
Add out type for the property (_TDH_OUT_TYPE)
#214
kaaleksandr
closed
9 months ago
1
[Help] i use c++ 11 and i create a payload filter then failed , status = ERROR_NOT_FOUND
#213
ShiverZm
opened
11 months ago
0
The object_manager_provider does not support DuplicateHandle events
#212
jstarink
opened
1 year ago
1
Parsing .NET EventSource
#211
bobsira
opened
1 year ago
1
Add a trace interface to enable ignoring MOF events
#210
acyr
opened
1 year ago
2
Add a method to return the provider GUID from a given schema
#209
acyr
closed
1 year ago
0
How to get the user mode call stack
#208
slayercat
opened
1 year ago
0
Add trace parsing from a file instead of realtime
#206
acyr
closed
1 year ago
2
Expose ExtendedData in a more general way.
#205
kylereedmsft
opened
1 year ago
0
add call stack enrichment to the C# example
#204
jdu2600
closed
1 year ago
0
heap alloc etw don't work
#203
chena1982
opened
1 year ago
1
Use krabsetw to detect .Net memory loading
#202
findream
opened
1 year ago
0
"no_trace_sessions_remaining" exception
#201
findream
closed
1 year ago
1
Possible race condition
#200
daladim
opened
1 year ago
1
Kernel image load event stackwalk not work
#199
0xhellord
opened
1 year ago
0
update test run settings
#198
henriblMSFT
closed
1 year ago
0
This repo is missing important files
#197
microsoft-github-policy-service[bot]
closed
1 year ago
0
Adding Microsoft SECURITY.MD
#196
microsoft-github-policy-service[bot]
closed
1 year ago
0
Question: possible inconsistency between schema, schema_key and the MS doc
#195
daladim
opened
1 year ago
1
build and package krabs etw with .net 6.0 support
#194
henriblMSFT
closed
1 year ago
0
Wrong schema retrieval with TraceLogging events
#193
tomer-gavish
opened
2 years ago
2
Service Control Manager
#192
Jondoe398
opened
2 years ago
2
add stack trace helpers (#26)
#191
jdu2600
closed
2 years ago
6
System.TypeInitializationException under .NET Framework 4.7.2 and 4.8
#190
securityfreax
opened
2 years ago
0
Add option to specify timestamp type
#189
pierricgimmig
opened
2 years ago
0
Next