.NET Tutorials, Forums, Interview Questions And Answers
Welcome :Guest
Sign In
Win Surprise Gifts!!!

Top 5 Contributors of the Month
Gaurav Pal
Post New Web Links

Event Tracing for Windows: Core Instrumentation Events in Windows 7

Posted By:      Posted Date: August 21, 2010    Points: 0   Category :ASP.Net

In the first article of a two-part series, the authors present a high-level overview of the ETW technology and core OS instrumentation.

Alex Bendetov, Insung Park

MSDN Magazine September 2009

View Complete Post

More Related Resource Links

Event Tracing For Windows: Core Instrumentation Events in Windows 7, Part 2


In Part 2, the authors cover core OS Event Tracing for Windows (ETW) events as well as present simple scripts to demonstrate a few basic accounting techniques on some of the OS events introduced.

Alex Bendetov, Insung Park

MSDN Magazine October 2009

Windows Management Instrumentation: Create WMI Providers to Notify Applications of System Events


Windows Management Instrumentation (WMI) is based on an industry-wide standard for notifications used to manage objects and devices across a network. By receiving WMI events, an application can be notified of changes to data in WMI itself. This allows the developer to notify the consuming application that certain system configuration data has changed, without the application having to poll WMI continuously for this data. The author presents an explanation of the different types of events in WMI, then goes on to develop an event provider.

J. Andrew Schafer

MSDN Magazine September 2001

Cloud Diagnostics: Take Control of Logging and Tracing in Windows Azure


It's difficult to troubleshoot any application without a trail of clues to follow, and cloud apps are no different. We look at how logging and tracing are enabled for Windows Azure, and how you can use Windows PowerShell to manage diagnostics for a running service.

Mike Kelly

MSDN Magazine June 2010

Windows XP: Escape from DLL Hell with Custom Debugging and Instrumentation Tools and Utilities, Part


Building on his article published in the June issue, which demonstrated several ways to get process and DLL-related information from APIs such as PSAPI, NTDLL, and TOOLHELP32, the author presents some unusual ways to get system-oriented info that you can easily integrate in your own toolkit. There are three tools included as samples: LoadLibrarySpy, which monitors an application and detects which DLLs are really loaded; WindowDump, which retrieves the content and a detailed description of any window; and FileUsage, which redirects console-mode applications to tell you which process is using any opened file.

Christophe Nasarre

MSDN Magazine August 2002

DirectShow: Core Media Technology in Windows XP Empowers You to Create Custom Audio/Video Processing


DirectShow is an API that enables Windows applications to control a wide variety of audio/video input devices including (but not limited to) DV camcorders, Web cams, DVD drives, and TV tuner cards. It provides out-of-the-box support for a variety of formats, from WAV and AVI to Windows Media. DirectShow is also extensible, enabling third parties to support their own specialized devices, formats, or processing components. This article introduces the basic concepts behind DirectShow and gives a step-by-step tutorial showing how to create your own video effect filter.

Michael Blome and Mike Wasson

MSDN Magazine July 2002

Windows XP: Escape from DLL Hell with Custom Debugging and Instrumentation Tools and Utilities


DLL conflict problems can be tough to solve, but a large number of tools are available to help. There are also many Windows APIs that you can use to build custom debugging tools. Three such tools are discussed here and provided as samples. DllSpy lists all the DLLs loaded in the system and the processes that are using them. ProcessSpy enumerates the running processes and exposes the DLLs they are using, and ProcessXP displays the list of concurrent running sessions for Windows XP.

Christophe Nasarre

MSDN Magazine June 2002

Windows Management Instrumentation: Administering Windows and Applications across Your Enterprise


This article provides an overview of Windows Management Instrumentation, a technology that exposes a wide variety of system and device information through a standard API. With WMI, management information is exposed by following the object oriented structure outlined in the Common Information Model (CIM), which relies on inheritance for reuse and standardization of object classes that represent system devices. This article briefly describes querying WMI for information using a query language much like SQL called Windows Management Instrumentation Query Language (WQL), existing system classes, handling system events, and security in WMI.

Jeffrey Cooperstein

MSDN Magazine May 2000

Scripting Windows: Windows Management Instrumentation Provides a Powerful Tool for Managing Windows


The new Windows Management Instrumentation (WMI) technology for Windows 2000, Windows NT 4.0, and Windows 98 provides powerful scripting technology that can be used to administrate Windows-based systems. With WMI, you can create scripts to simplify management of devices, user accounts, services, networking, and other aspects of your system. This piece will introduce you to WMI and the WMI Scripting Object Model, taking a look at the available objects, methods, and properties. Along the way, you'll see how these elements can be used to create system management scripts.

Alan Boshier

MSDN Magazine April 2000

Windows SharePoint Services 3 Search Event ID 2424


This error started on 29 April and I cannot get rid of it...  My search works fine, both site and people.  AD profile import works fine.  Full and incremantal crawls work as scheduled.  Just that this error keeps showing up every five minutes in one of two WFE's.  The other WFE does not receive this error


I have verified all Security Configuration/Service Accounts, verified all Services on Server/Search accounts, Stopped/Restarted all search, and verified SSP accounts.  The last thing I did was verify there was an indexer attached to the SSP...

I set the diagnostic logging to verbose and the only thing that stood out around the time of the error was

System.Data.SqlClient.SqlException: Invalid object name 'AR_CacheCounters'.

SqlError: 'Invalid object name 'AR_CacheCounters'.'    Source: '.Net SqlClient Data Provider' Number: 208 State: 1 Class: 16 Procedure: 'proc_ar_GetCacheInvalidationCountersWithCount' LineNumber: 3 Server: 'SERVER'


Any suggestions?







Feature Stapling and the FeatureActivated Event in Windows SharePoint Services 3.0

You can attach (or staple) a SharePoint Feature to a site definition without modifying the original site definition. Learn about issues related to using Feature Stapling with the SPFeatureReceiver.FeatureActivated event.

Getting AppDomain.UnhandledException event to work in a Windows Service

Nearly every forum thread I have found on "catching unhandled exceptions in a service" seems to end up where I am.  The supposed solution is the use of the AppDomain.CurrentDomain.UnhandledException event.  But it doesn't work for someone, who then asks why and gets no answer.  Same for me; I can't get the event to happen.  It's as if I need the ServiceProcess version of Application.SetUnhandledExceptionMode(), which doesn't exist. For diagnosing this, I start a timer in a child object of the service and then throw an exception in the timer event handler.  Simple enough to simulate the real situation.  I have tried subscribing to the UnhandledException event in at least a half dozen locations throughout the service, from the Program that runs ServiceBase.Run() to the constructor of the object that owns the Timer, but it never catches this exception. The VS debugger recognizes that the forced exception is unhandled and takes me to the place where is thrown, letting me know it is an unhandled exception. Why doesn't my handler catch it?  Running without the debugger, the exception throws, the timer thread crashes, the service continues merrily along, and nothing gets logged anywhere.  That is NOT the result I need.  What are the people for whom this works doing that I am not doing? How can I at least get the offe

sql express on my localmachine windows xp - getting error Event ID: 18456

Event Type: Failure AuditEvent Source: MSSQL$SQLEXPRESSEvent Category: Logon Event ID: 18456Date:  12/03/2010Time:  3:58:03 PMUser:  domain\computername$Computer: computernameDescription:Login failed for user 'domain\computername$'. Reason: Failed to open the explicitly specified database. [CLIENT: XXX.XX.XX.XX] For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.Data:0000: 18 48 00 00 0e 00 00 00   .H......0008: 14 00 00 00 44 00 45 00   ....D.E.0010: 4c 00 2d 00 32 00 36 00   L.-.2.6.0018: 38 00 30 00 5c 00 53 00   8.0.\.S.0020: 51 00 4c 00 45 00 58 00   Q.L.E.X.0028: 50 00 52 00 45 00 53 00   P.R.E.S.0030: 53 00 00 00 07 00 00 00   S.......0038: 6d 00 61 00 73 00 74 00   m.a.s.t.0040: 65 00 72 00 00 00         e.r... 

OK button click on Windows dialogue form not triggering click event

I have created an Add-In for Outlook 2003 in Visual Studio 2005. When a new message is sent and a toggle button is selected, a form that I have created will be displayed as a dialogue box, where further information can be entered. Once this information has been entered you can click the OK button and the message is sent. If you were to click the OK button with invalid data in the form, there would be a message box with an error message. This all works perfectly on my development machine but when I have packaged the Add-In and installed it on other machines it does not work. Clicking on the OK button does nothing, there is not even an error message. All the prerequsits are successfully installed and this is the only part of the Add-In that does not work. All help greatly appreciated. Thanks Nick

Sharepoint and IIS/Windows Event Logs in a single view

Hi - I'm coinsidering addng sharepoint log reading capabilities into an application I've built for reading windows and IIS logs (for more info http://logenvy.com). I know there are quite a few applications capable of reading sharepoint logs (a number are listed here http://stackoverflow.com/questions/781179/sharepoint-2007-log-viewer). Does anyone think the capability to analyse windows and IIS logs alongside sharepoint logs would be useful, or have any logging requirements not well met by the current set of tools? I'm especially keen to explore useful/interesting data visualizations on top of data logs.

Use smtp sink events under Windows 2008 R2

Hi, I'm not sure is that the good forum for my question, but I don't see where can I post! On the old project (Visual Studio 2005), I used cdo library to control the smtp events sink. I upgrade to windows 2008 R2 the project, and the cdo library seems to old (Windows 2000 library). I would like to replace the library and I want to know what is the best library to use smtp sink event? Thanks by advance. 

Windows Keyup event is routed to next form even if the current form is closed

In a form (say FormA) i have 2 events "Keyup" for the form and button_click event for the button. I call FormA from the main form with a showDialog, after this i call another form (say FormB), it also has the 2 events. In both the form the button_click event has the logic to close the form (this.close()). Now when the FormA is opened the focus is on button, if the user presses "enter" button the button_click event is called which closes the form, the logic returns to the main form and the next line i.e. to open the FormB is executed. Now here is the wierd part, in FormB because there is a KeyUp event handler; just after instantiation of the form directly this event handler is called. I guess this is being routed from FormA. Shouldnt the FormA's keyup event be closed as soon as the form is closed?
ASP.NetWindows Application  .NET Framework  C#  VB.Net  ADO.Net  
Sql Server  SharePoint  Silverlight  Others  All   

Hall of Fame    Twitter   Terms of Service    Privacy Policy    Contact Us    Archives   Tell A Friend