-2

How can I decode and parse an ETW log file in Javascript?

I found a few related NPM packages (windows-event-reader, win-getevent) but they are Node wrappers for the Get-WinEvent Powershell command. As my tool runs exclusively in the browser, those aren't an option for me.

Scenario

  • We have kernel level components that log via ETW and generate .ETL files.
  • We have a log search tool written in Angular 7 / Javascript.
  • The log search tool supports "offline" mode and is able to parse user mode logs that are drag-and-dropped into the browser window.
  • The log search tool needs to also support ETL files in 'offline' mode.
  • As ETL files are encoded and not plain text, I need help figuring out how to decode these files using only Javascript.
tonjohn
  • 255
  • 2
  • 14
  • It's unclear what was unclear about my original post XD It would be great if people who voted to close this left a comment regarding what was unclear. Regardless, I've updated the question per the guidelines. – tonjohn Sep 05 '19 at 17:16

1 Answers1

1

I think it's a wrong way to do it. You should:

  1. define text or json format for files which could be handled by your app in offline mode
  2. create public command line tool to convert any file (etl in your case) to your text/json format

Please check speedscope app and read this awesome article from Adam Sitnik "Profiling .NET Code with PerfView and visualizing it with speedscope.app"

mtkachenko
  • 5,389
  • 9
  • 38
  • 68