How to use ETW from a C++ windows client
https://stackoverflow.com/questions/2134384
italiano
english
français
española
中国
日本の
العربية
Deutsch
한국어
Português
Russian문제
I'm researching Event Tracing for Windows (ETW) to allow a user-mode windows client to write out tracing information. The existing documentation is, to put it lightly, insanely incomplete. What would really help is a simple C++ example that writes out tracing messages using ETW. Does such an example exist? Is there other ETW documentation you might recommend?
해결책
To write a Provider for ETW you have two options of either writing it as a manifest-based provider (preferred for Vista or higher) or a classic provider for legacy support. If manifest-based is the approach you want to go with then check out an example here. Alternatively you have find a classic provider example here.
I suppose you want to use a manifest-based approach as its better and can support up to 8 sessions. The first step for a manifest-based provider needs to do is to register the event using EventRegister and and then write to it via the EventWrite or EventWriteString function.
다른 팁
This document from Microsoft is a good one to begin with here
