microsoft / krabsetw

KrabsETW provides a modern C++ wrapper and a .NET wrapper around the low-level ETW trace consumption functions.

Compilation error with Windows Kit 8.1 (EventNameOffset) #183

Open pierricgimmig opened 2 years ago

pierricgimmig commented 2 years ago

The EventNameOffset property of TRACE_EVENT_INFO was added in "Windows 10 Fall Creators Update (2017)" as this comment suggests. Should Windows 10 be a requirement for krabsetw, or should the use of EventNameOffset be "ifdefed" out for earlier versions of the Windows SDK?

swannman commented 2 years ago

Hi @pierricgimmig, yes - the Windows 10 SDK is a requirement for compiling against the krabsetw headers today. Is this a blocker for your application? Would love to learn more so we can consider alternate approaches. Thanks!

pierricgimmig commented 2 years ago

Hi @swannman, thanks for the info. It is not a blocker for us, no. It came up when compiling on a machine that used the Windows 8.1 SDK, but it was easily fixed by switching to the Windows 10 version, which was already installed.

In krabsetw's README however, we can see:

> krabsetw and Microsoft.O365.Security.Native.ETW are only supported on Windows 7 or Windows 2008R2 machines and above.

Maybe this should be updated? Or would a compiled application still work on Windows 7?

swannman commented 2 years ago

Thanks for the clarification! The compiled binary will work on Windows 7/2008 R2 and above.