issues
search
microsoft
/
krabsetw
KrabsETW provides a modern C++ wrapper and a .NET wrapper around the low-level ETW trace consumption functions.
Other
588
stars
147
forks
source link
issues
Newest
Newest
Most commented
Recently updated
Oldest
Least commented
Least recently updated
Correctly handle kernel addresses in an x86 stack trace
#241
mihai12p
closed
3 weeks ago
7
GetTraceDataProviders in provider.hpp has high CPU usage and takes 2-3 second to return?
#240
rjadidi920
opened
1 month ago
0
Align assembly version with package version.
#239
HydrophobicMinghao
closed
2 months ago
0
Could not load Microsoft.O365.Security.Native.ETW in C# .NET 6.0
#238
gleen-code
closed
2 months ago
2
Getting PMC data
#237
SpencerTSmith
closed
3 months ago
1
Update package versions and release notes.
#236
HydrophobicMinghao
closed
3 months ago
1
Missing events when event burst happen even after setting the EVENT_TRACE_PROPERTIES to large number of buffers?
#235
subvert0r
opened
3 months ago
3
Add Windows ARM64 port for managed wrappers.
#234
HydrophobicMinghao
closed
3 months ago
3
NuGet feeds are not compliant with NuGet feed security requirements
#233
matt-vanderkolk
closed
4 months ago
1
Couldn't installed KrabsETW nuget package via Visual Studio 2022
#232
KnightChaser
opened
5 months ago
0
both Windows XP and Windows 2008 support ETW. Why not support these two systems?
#230
zhuxiujia
opened
7 months ago
1
Does krabs etw handle trace closure in case of program crash? Can it cause a problem in enabling and starting the same session again?
#229
subvert0r
closed
7 months ago
2
Can't query providers infomation using logman when setup a kernel trace using krabs::kernel::virtual_alloc_provider provider.
#228
Cishanduwang
closed
7 months ago
1
Create testfile.md
#227
x86phil
closed
7 months ago
0
Stability fixes in native code
#226
starix
opened
7 months ago
0
Why Service Control Manager provider doesn't generate any event id?
#225
subvert0r
opened
7 months ago
2
Possible ways to protect ETW trace sessions from getting stopped?
#224
subvert0r
closed
8 months ago
1
Does krabs c++ library support c++11? What about v120 platform toolset?
#223
subvert0r
closed
7 months ago
1
Expose ExtendedData
#222
ps1337
opened
8 months ago
1
Ability to control EVENT_FILTER_DESCRIPTOR
#221
ps1337
opened
8 months ago
1
Benefits and drawbacks of using a kernel_trace vs a user_trace for consuming an event which is in both?
#220
subvert0r
closed
8 months ago
5
Correct way for copying every info related to a given event in my event callback and passing it to another thread?
#219
subvert0r
closed
8 months ago
1
No proper explanation for kernel_trace vs user_trace?
#218
subvert0r
closed
8 months ago
3
Errors in file code
#217
S-p-y-C
opened
10 months ago
0
need support vs2022
#216
WangHHY19931001
opened
11 months ago
0
#214
#215
kaaleksandr
closed
11 months ago
3
Add out type for the property (_TDH_OUT_TYPE)
#214
kaaleksandr
closed
11 months ago
1
[Help] i use c++ 11 and i create a payload filter then failed , status = ERROR_NOT_FOUND
#213
ShiverZm
opened
1 year ago
0
The object_manager_provider does not support DuplicateHandle events
#212
jstarink
opened
1 year ago
1
Parsing .NET EventSource
#211
bobsira
opened
1 year ago
1
Add a trace interface to enable ignoring MOF events
#210
acyr
opened
1 year ago
2
Add a method to return the provider GUID from a given schema
#209
acyr
closed
1 year ago
0
How to get the user mode call stack
#208
slayercat
opened
1 year ago
0
Add trace parsing from a file instead of realtime
#206
acyr
closed
1 year ago
2
Expose ExtendedData in a more general way.
#205
kylereedmsft
opened
1 year ago
0
add call stack enrichment to the C# example
#204
jdu2600
closed
1 year ago
0
heap alloc etw don't work
#203
chena1982
opened
1 year ago
1
Use krabsetw to detect .Net memory loading
#202
findream
opened
1 year ago
0
"no_trace_sessions_remaining" exception
#201
findream
closed
1 year ago
1
Possible race condition
#200
daladim
opened
1 year ago
1
Kernel image load event stackwalk not work
#199
0xhellord
opened
2 years ago
0
update test run settings
#198
henriblMSFT
closed
2 years ago
0
This repo is missing important files
#197
microsoft-github-policy-service[bot]
closed
2 years ago
0
Adding Microsoft SECURITY.MD
#196
microsoft-github-policy-service[bot]
closed
2 years ago
0
Question: possible inconsistency between schema, schema_key and the MS doc
#195
daladim
opened
2 years ago
1
build and package krabs etw with .net 6.0 support
#194
henriblMSFT
closed
2 years ago
0
Wrong schema retrieval with TraceLogging events
#193
tomer-gavish
opened
2 years ago
2
Service Control Manager
#192
Jondoe398
opened
2 years ago
2
add stack trace helpers (#26)
#191
jdu2600
closed
2 years ago
6
System.TypeInitializationException under .NET Framework 4.7.2 and 4.8
#190
securityfreax
opened
2 years ago
0
Next