Questions tagged [etw-eventsource]

Event Tracing for Windows (ETW) is a fast, scalable logging mechanism built into the Windows operating system. The EventSource class reduces writing an ETW provider to a few lines of code, instead of creating an XML manifest, using the tool MC.exe to generate source code, and registering the provider with the tool WEVTUTIL when the application is deployed.

Small Demo Example:

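using System.Diagnostics.Tracing;

// Minimal ETW provider; no hand-written manifest is needed.
sealed class MinimalEventSource : EventSource
{
    // Event ID 1; the two arguments become the event payload.
    public void Load(long ImageBase, string Name) { WriteEvent(1, ImageBase, Name); }

    // Shared instance that callers log through.
    public static MinimalEventSource Log = new MinimalEventSource();
}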

Calling in code:

MinimalEventSource.Log.Load(10, "MyFile");
68 questions
3
votes
1 answer

Migrating to semantic logging with Castle ILogger and log4net

What's the best way to start using the new .NET 4.5 EventSource class for logging for an application that's currently using Castle's Logging Facility combined with log4net? Initially I thought that it might be possible to extend Castle's ILogger…
David Gardiner
3
votes
2 answers

EventSource .net 4.0 GenerateManifest

I've been trying to work with ETW in .net 4.0. I have started using Microsoft EventSource Library 1.0.4-beta (https://www.nuget.org/packages/Microsoft.Diagnostics.Tracing.EventSource). Here is the code I've written for generating events for my…
KRP
3
votes
1 answer

Is there a log viewer application that can read log messages from Azure Table Storage?

Microsoft recently released Enterprise Library 6 which contains the new Semantic Logging Block. One of the options available with the Semantic Logging Block is the ability to write log messages to Windows Azure Table Storage, which sounds like a…
2
votes
0 answers

How do I add spaces to folder names being created in Event Viewer > Application and Services logs?

Currently, I'm using EventSourceAttribute to create a hierarchy of subfolders in Application and Services log in Event Viewer. This is my code [EventSource(Name = "Service-MacClient-EventSource")] public sealed class MinimalEventSource :…
John Evans Solachuk
2
votes
0 answers

ETW Tracing: Log files are corrupted after few days of continuous tracing

We use ETW Custom EventSource (inherit from Microsoft.Diagnostics.Tracing.EventSource, Microsoft.Diagnostics.Tracing.EventSource.Redist.1.1.28 from NUGET) to instrument our application. Our provider is enabled in a session which can capture the…
2
votes
0 answers

Azure diagnostics - Event Source is always disabled

I am trying to log the ETW events by enabling Azure Diagnostics in my cloud service. After deployment, if I check in the Diagnostics Configuration dialog, ETW logs seem to be enabled. Also, all the WAD* tables get created but my custom ETW tables…
2
votes
1 answer

EventSource in .NET 4.6 & Event Viewer

I'd like to ask a very specific question about writing to the event viewer using the System.Diagnostics.Tracing.EventSource and .NET 4.6 class. In the past, if you wanted to use the event viewer channels you needed to write/generate an XML manifest…
PhilH
2
votes
1 answer

ETW EventSource not logging events on Windows Server

I wrote an ETW EventSource using the Microsoft EventSource Library 1.1.25 on Nuget. The purpose of the EventSource is to send events to a custom event log for a security application we maintain. The code works locally, but we cannot get events to…
Rob C
2
votes
1 answer

EventSource - Unable to get method signature changes to apply

I am logging to ETW using EventSource. We are using .Net Framework 4.5. Since I am in the infancy of development I will be changing the method signatures frequently within my subclass of EventSource. I really don't want to have to increment the…
Gene S
2
votes
1 answer

Reading circular ETW log file with ETWTraceEventSource

Short version - Why does ETWTraceEventSource return 0 log entries for a 100mb circular log file? Long version - I've modified an IIS application to use ETW logging (using the nuget package). My event source looks like this: - [EventSource(Name =…
Phil Lambert
2
votes
2 answers

How can I capture process names using the TraceEvent library?

I'm using the TraceEvent library to capture ETW traces, but I'm not able to determine the name of the process that caused an event. Here is what I have so far: var session = new TraceEventSession(sessionName,…
Kendall Frey
2
votes
1 answer

How to define names hierarchy in ETW EventSource?

In my project I use System.Diagnostics.Tracing.EventSource like this: namespace kafka4net.Tracing { [EventSource(Name = "kafka4net")] public class ConnectionTrace : EventSource { public static ConnectionTrace Log = new…
Vadym Chekan
2
votes
2 answers

Rolling file for ETW EventSource .NET 4.5

I've been trying to work with ETW in .net 4.5. I have a WCF Service and Console App, and I want which uses EventSource to write messages, however, I'm struggling to understand how to create my own ETW (EventSource and EventListener) for log to a…
Kiquenet
1
vote
0 answers

Is it possible to make an event channel with a custom name WHILE logging into a subfolder with ETW in the Event Viewer?

Here is my problem: I first tried to implement folders in the Event Viewer under "Application and Services", but the System.Diagnostics.EventLog Class does not seem to support this. So then I encountered ETW, which provides the ability to create…
Junes
1
vote
0 answers

Powershell implement C# System.Diagnostics.Tracing.EventSource

So maybe I am just ignorant, but C# has some lovely functionality with System.Diagnostics.Tracing.EventSource that makes writing new event sources super simple. I've got some functionality built up around this convenient API that allows these logs to…