issues
search
microsoft
/
krabsetw
KrabsETW provides a modern C++ wrapper and a .NET wrapper around the low-level ETW trace consumption functions.
Other
589
stars
147
forks
source link
issues
Newest
Newest
Most commented
Recently updated
Oldest
Least commented
Least recently updated
.stop() should always call ControlTrace(STOP) - even if .open()/.start() has not been called
#90
jdu2600
closed
4 years ago
2
Unable to parse Schannel events
#89
bartecargo
closed
4 years ago
2
Support for x86
#88
samtatasurya
closed
4 years ago
1
Parsing erros for fields at the end of the record
#87
ghost
closed
4 years ago
4
Cosmetic fixes (wording, formatting)
#86
lupino3
closed
4 years ago
2
Feature Proposition: adding support for LINUX.... Would like having your opinions about that.
#85
issaharnoam
closed
4 years ago
2
Add support in C++/CLI for native ETW filtering
#84
swannman
closed
4 years ago
0
krabsetw performance
#83
dootyfree
closed
4 years ago
5
Catch and swallow destructor exceptions
#82
swannman
closed
5 years ago
3
kernel-network
#81
dootyfree
closed
5 years ago
3
Add ability to configure trace performance characteristics
#80
jdu2600
closed
4 years ago
5
Tracing Microsoft-Windows-Security-Auditing
#79
rushikeshpatil12
closed
5 years ago
10
.Net and Service Fabric provider(s) issue
#78
MedAnd
closed
5 years ago
4
Cross platform and .Net Core Support
#77
MedAnd
closed
5 years ago
2
File IO provider schema_not_found error!
#76
ejaz629
closed
4 years ago
4
Added <vector> include to event_filter.hpp to make it compile on VS2019
#75
bionicbeagle
closed
5 years ago
1
Missing Registry events.
#74
rushikeshpatil12
closed
5 years ago
1
Linking error with c++ project.
#73
rushikeshpatil12
closed
5 years ago
5
Add early return when finding provider by name
#72
swannman
closed
5 years ago
0
Missing break statement in String->GUID lookup when creating user mode providers.
#71
zacbrown
closed
5 years ago
0
Parsing TDH_INTYPE_WBEMSID
#70
FuzzySecurity
closed
4 years ago
7
Incorrect EventRecordMetadata->Opcode Size
#69
FuzzySecurity
closed
5 years ago
1
Address code review feedback from @kallanreed
#68
swannman
closed
5 years ago
3
Tdh_helpers pointer and size_t support
#67
zeavi
closed
4 years ago
4
WPP trace message capture
#66
udoe
closed
4 years ago
4
Formatting updates and a little cleanup.
#65
zacbrown
closed
5 years ago
0
Add RelatedActivityId to the events
#64
markantill
opened
5 years ago
3
Does krabsetw support resolving syscall address and return address in call-stacks?
#63
rainkin1993
closed
5 years ago
2
Better performance in event parser property_iterator
#62
wmatw
opened
5 years ago
12
Possible synchronization issue in schema_locator
#61
wmatw
closed
4 years ago
13
boosting krabs performance by filtering by event id on api level (without predicates)
#60
issaharnoam
closed
5 years ago
7
Update .nuspec dependency to match the dependency in the build
#59
swannman
closed
5 years ago
0
Question about IEventRecord
#58
Setheck
closed
5 years ago
1
Address additional nuget compliance requirements
#57
swannman
closed
5 years ago
0
Comply with requirements for MSFT-owned nuget packages
#56
swannman
closed
5 years ago
0
Update nuget version to 1.0.13
#55
swannman
closed
5 years ago
0
Provide separate open() and process() session calls
#54
aydany
closed
5 years ago
0
Update nuget package
#53
zacbrown
closed
5 years ago
1
KERNEL_LOGGER_NAME define issue
#52
randodev
closed
5 years ago
9
Address issues related to setting the C++ standard to C++17.
#51
zacbrown
closed
5 years ago
2
Doesn't compile under C++17
#50
nzbart
closed
5 years ago
2
find_property method in parser.hpp - cache having duplicated entries
#49
issaharnoam
closed
5 years ago
9
system_call_provider fix, and FileIo provider addition
#48
bionicbee
closed
6 years ago
1
Feedback for Windows diagnostics team about Event Viewer UI improvements
#47
ghost
closed
6 years ago
1
Update nuget versions
#46
swannman
closed
6 years ago
0
Add filtering by primitive types
#45
mjeong92
closed
6 years ago
6
What API souuld I use to consume ETW?
#44
ghost
closed
6 years ago
4
Fix errors when building with /permissive- (#42)
#43
jrave
closed
6 years ago
6
Does not compile with /permissive-
#42
jrave
closed
6 years ago
2
Improve property parsing
#41
aydany
closed
5 years ago
6
Previous
Next