10 questions
-1 votes, 0 answers, 56 views
How to put the status of a big entity into a variable in powershell? [duplicate]
When I run the following code in powershell:
cls
$Name = "SQL_PerfMon_DeepDive" # <-- your set name
logman query $Name
I get the following result:
How can I get the status bit in red ...
0 votes, 0 answers, 74 views
Cannot get descriptions for events from ETW Providers
I created a trace on my Windows 10 laptop using this logman command:
logman create trace "Microsoft-Windows-Kernel-File" -p Microsoft-Windows-Kernel-File 0x1800 -o "C:\Logs\Microsoft-...
0 votes, 0 answers, 126 views
To fetch bytes sent/received per sec for particular application
Need to find amount of incoming outgoing network bytes using cmd/powershell command for specific application.
So I researched and found that there isn't any direct way to filter this data using netsat/...
0 votes, 1 answer, 133 views
What is the easiest method for forwarding ETW logs to Splunk receiver?
I am trying to forward some kernel-level events from my Splunk UF to my Splunk receiver.
I experienced with windows' built in utility - logman and was able to produce etl files and convert them to XML ...
0 votes, 0 answers, 110 views
Can you detect a specific DLL and function load using ETW?
Is it possible to monitor calls to specific DLL functions in ETW?
I am still new to ETW, so is there any good site or procedure that might be helpful to me?
It would be great to be able to run it from ...
2 votes, 1 answer, 2k views
How to trace event logs from provider "Microsoft-Windows-RPC" programmatically
I want to create a program that will trace event logs from the provider "Microsoft-Windows-RPC".
The program logman.exe by Microsoft is doing it like that:
logman start RPC_ONLY -p Microsoft-...
0 votes, 1 answer, 358 views
The RPC Server Unavailable, while executing logman commands
I'm trying to run logman commands from the command line. create counter is working fine, but for other commands like: logman start datacollector, and logman stop datacollector, I'm getting an error as: ...
1 vote, 1 answer, 2k views
How do I work with logman results using powershell cmdlets?
I am trying to filter the results of the logman command using powershell. I’ve tried to select a single property, filter using where-object, but it seems like the results from logman (stored in an ...
1 vote, 0 answers, 1k views
How to implement continuous logging with C# EventSource and ETW?
We implement structured logging with System.Diagnostics.Tracing.EventSource, and use the inline provider manifests when collecting traces to avoid the installation headaches with EventRegister and ...
2 votes, 0 answers, 312 views
Logman flush buffers to file periodically
I am troubleshooting NDIS miniport filter driver causing BSOD randomly. I enabled driver verifier for my driver. I am also trying to collect my driver trace logs by logman using the following command -...