Skip to content
一月 21, 2010 / wychi

Commands for ETW


  • logman.exe

logman.exe start MySession -ets -pf providers.txt

logman.exe stop MySession -ets

# providers.txt

{fb9244c9-f23a-4966-8a9c-97a51f8c355b} 0 5 Scenario

  • xperf.exe — Some other ETW events will be logged too, even if you specify the providers.

Xperf.exe -start MySession -on GUID:0xffffffff:5 -o foo.etl

Xperf.exe -stop MySession


  • tracerpt.exe

tracerpt.exe foo.etl -o foo_tracerpt.csv -of CSV

  • xperf.exe  — If manifest is registered, UserData will be dump only; if not, basic ETW info will be dump)

xperf.exe -i foo.etl -o foo_xperf.csv -a dumper

  • logparser — It seems that Logparser doesn’t support manifest-based provider. (I am not sure.)

LogParser.exe -i:ETW "select * from logman.etl" -e:0


在下方填入你的資料或按右方圖示以社群網站登入: Logo

You are commenting using your account. Log Out / 變更 )

Twitter picture

You are commenting using your Twitter account. Log Out / 變更 )


You are commenting using your Facebook account. Log Out / 變更 )

Google+ photo

You are commenting using your Google+ account. Log Out / 變更 )

連結到 %s

%d 位部落客按了讚: