package etw

import "github.com/Microsoft/go-winio/pkg/etw"

Package etw provides support for TraceLogging-based ETW (Event Tracing for Windows). TraceLogging is a format of ETW events that are self-describing (the event contains information on its own schema). This allows them to be decoded without needing a separate manifest with event information. The implementation here is based on the information found in TraceLoggingProvider.h in the Windows SDK, which implements TraceLogging as a set of C macros.

Index

Types

type Channel 

type Channel uint8

Channel represents the ETW logging channel that is used. It can be used by event consumers to give an event special treatment. 

const (
	// ChannelTraceLogging is the default channel for TraceLogging events. It is
	// not required to be used for TraceLogging, but will prevent decoding
	// issues for these events on older operating systems.
	ChannelTraceLogging Channel = 11
)

type Level 

type Level uint8

Level represents the ETW logging level. There are several predefined levels that are commonly used, but technically anything from 0-255 is allowed. Lower levels indicate more important events, and 0 indicates an event that will always be collected. 

const (
	LevelAlways Level = iota
	LevelCritical
	LevelError
	LevelWarning
	LevelInfo
	LevelVerbose
)

Predefined ETW log levels from winmeta.xml in the Windows SDK.

func (Level) String 

func (i Level) String() string

type Opcode 

type Opcode uint8

Opcode represents the operation that the event indicates is being performed. 

const (
	// OpcodeInfo indicates an informational event.
	OpcodeInfo Opcode = iota
	// OpcodeStart indicates the start of an operation.
	OpcodeStart
	// OpcodeStop indicates the end of an operation.
	OpcodeStop
	// OpcodeDCStart indicates the start of a provider capture state operation.
	OpcodeDCStart
	// OpcodeDCStop indicates the end of a provider capture state operation.
	OpcodeDCStop
)

Predefined ETW opcodes from winmeta.xml in the Windows SDK.

func (Opcode) String 

func (i Opcode) String() string

Source Files

doc.go eventdescriptor.go level_string.go opcode_string.go

Directories

PathSynopsis
pkg/etw/sample
Version
v0.6.2 (latest)
Published
Apr 9, 2024
Platform
linux/amd64
Imports
2 packages
Last checked
1 day ago

Tools for package owners.