Part 3. Observing and Analyzing Software Behavior
Event Tracing for Windows (ETW) is a logging framework for analyzing application behavior that’s used extensively throughout the Microsoft Windows operating system. When I started studying ETW a few years ago, I was mostly interested in the technology as it pertained to profiling and performance analysis in Windows and this part of the book will certainly cover that important angle. However, as the technology evolved in recent Windows releases to support capturing stack traces for the events it logs, and as more convenient GUI front-end tools were also built around it, I came to realize that there was much more to it and also started employing it as a troubleshooting ...
Get Inside Windows® Debugging now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
