DCSIMG
ETW–Reading events - Ran Wahle's blog

Ran Wahle's blog

ETW–Reading events

ETW–Reading events

SDP is coming soon, and we’re presenting another post on our ETW series. I’m taking the opportunity one again to come and hear Yaniv Rodenski and myself talk about it.

On my previous post I’ve shown how to consume ETW data using Data collector sets. What we’ve done there was setting the grounds for heaving a .etl file with the data we are going to read.

Let’s have another look at part of the code from Yaniv’s post

   EventDescriptor descriptor;
            unchecked
            {
                descriptor = new EventDescriptor(
                    0x7d1, 0x1, 0x10, 0x0, 0x0, 0x0, (long)0x8000000000000000
                    );
            }
    Console.WriteLine("Please enter the number of events to be written and 
                    press enter");
    var returns = int.Parse(Console.ReadLine());
 
    for (int i = 0; i < returns; i++)
    {
        // we pass the event descriptor by ref and the counter 
        // as our payload. Please note that the payload is passed 
        // as params object[] so we can enjoy some good ol' boxing
        provider.WriteEvent(ref descriptor, i);
    }
This is the code section that write the events to our data collector (i.e our .etl file). Let’s see 
first how will our .etl file look:
 
All we need to do is simply double click the file or open it with 
Windows Performance analyzer (XperfView) .
 
The screen will look like that:
image
 
The red points collection (which looks like line from here) are the events written to 
the .etl file. We can, for our own convenience, select part of the chart and press 
“Zoom to selection” as shown below:
Zoom to selection
 
After doing so we will see the chart as a collection of points, and now we can have a look at 
a single point and understand what an event actually is.
 
image
  
 

At the tooltip we can see the provider GUID (as being set in Yaniv’s post) along with the
data set in the event descriptor’s (the parameters at it’s contructor).
At the callback (bottom line) we can see number “4” which is the index
sent by our code to the WriteEvent method.

Event data tooltip

Summary:

In this post we’ve seen an etl file visualization with XperfView. The file is the data collected
by operating our Data Collectors Set as shown at my previous post . Next I’ll discuss some
more features of XperfView.

kick it on DotNetKicks.com
Posted: Feb 22 2011, 04:00 PM by Ran Wahle | with no comments

Comments

No Comments

Leave a Comment

(required) 

(required) 

(optional)

(required) 


Enter the numbers above: