ETW – Consuming events

February 20, 2011


You may or may not have heard about ETW, a powerful tool for event tracing whose most significant advantage is its performance. At the following SDP, you are more than welcome to hear Yaniv Rodenski and myself talk about it.

In this post I will demonstrate how to consume events written by an application. I will do so by creating a Data Collector Set.
There are some ready-made providers for CLR, ASP.NET and more; however, to keep things simple I’ve chosen a manifest-based application. To create one, you can read this post, which describes how to do so step by step.

Create a data collector
A data collector is a trace listener for ETW that uses one or more ETW providers and writes their events to an .etl file.

To create the data collector you can use a command-line tool called logman or the Computer Management tool. Here I’ll demonstrate the Computer Management tool:

1. Go to Computer management –> Performance –> Data Collector sets –> User defined

2. Right-click –> Choose “New” –> Data collector set. This dialog box will open:

Data collector wizard - 1st screen

3. Name your data collector and choose “Create manually”  (and press “Next”)

4. At the next step, choose “Event trace data”

Selecting event data

5. After pressing next, we get to choose our provider (or providers)
   Here we choose the provider named “ExampleProvider” .

Choose ETW provider(s)

6. Now, back on the providers screen, let’s make sure that the trace will capture events with the keyword set for our provider earlier. We do so by selecting the Keyword(any) property, pressing the “Edit” button and setting the value to 0x8000000000000000.

Set provider properties

7. Now we can select the event trace log (.etl) file location. I’ve left the default.

Select .etl file location

8. You can have the data collector run under different credentials than the default.
We’ll leave it as is.

Now we have our data collector set ready. Now all we have to do is two things:

1. Run it (Right click –> Start)

Start the data collector set 

2. Run our application

We will see a .etl file in the directory we’ve set earlier. This file is


In this post I’ve shown how to create an ETW Data Collector Set to consume an ETW provider. We’ve gone through all the steps in defining the data collector set. This process also works for the classic providers that already exist.
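
The same data collector set can be built with logman, the command-line tool mentioned earlier, instead of the Computer Management UI. The PowerShell script below is an added example, not part of the original post; the set name, output path, application path and level value are assumptions, while the provider name and keyword value are the ones used in the steps above.

```powershell
# Added example: CLI equivalent of the wizard steps. Run from an elevated prompt.
$SetName  = 'ExampleTrace'                        # assumed data collector set name
$Provider = 'ExampleProvider'                     # provider chosen in step 5
$Keywords = '0x8000000000000000'                  # Keyword(any) value from step 6
$Level    = '0xff'                                # assumption: capture all levels
$OutFile  = 'C:\PerfLogs\Admin\ExampleTrace.etl'  # assumed .etl location (step 7)
$AppPath  = 'C:\path\to\YourApp.exe'              # placeholder for the traced application

# Fail early if the manifest-based provider is not registered on this machine.
logman query providers $Provider | Out-Null
if ($LASTEXITCODE -ne 0) {
    throw "ETW provider '$Provider' is not registered; install its manifest first."
}

# Create a persistent trace data collector set (it appears under "User Defined").
logman create trace $SetName -p $Provider $Keywords $Level -o $OutFile
if ($LASTEXITCODE -ne 0) {
    throw "Could not create data collector set '$SetName' (it may already exist)."
}

# Start the set, run the application that writes the events, and always stop the set.
logman start $SetName
if ($LASTEXITCODE -ne 0) { throw "Could not start '$SetName'." }
try {
    & $AppPath
}
finally {
    logman stop $SetName
}

# logman may append a sequence suffix to the file name, so match on the prefix.
$dir  = Split-Path $OutFile
$stem = [IO.Path]::GetFileNameWithoutExtension($OutFile)
$etl  = Get-ChildItem -Path $dir -Filter "$stem*.etl" |
        Sort-Object LastWriteTime -Descending |
        Select-Object -First 1

if (-not $etl)            { throw "No .etl file was written under $dir." }
if ($etl.Length -eq 0)    { Write-Warning "Trace file is empty: check the keyword and level filters." }
"Trace written to $($etl.FullName) ($($etl.Length) bytes)"
```

To run the set under different credentials (step 8), logman accepts `-u` with a user name on the `create trace` command; `logman delete ExampleTrace` removes the set when it is no longer needed.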

Next post, we'll dive into the .etl file and read our events.  
