703 lines
22 KiB
C
703 lines
22 KiB
C
|
/*++
|
||
|
|
||
|
Copyright (c) Microsoft Corporation. All rights reserved.
|
||
|
|
||
|
Module Name:
|
||
|
|
||
|
tracelog.c
|
||
|
|
||
|
Abstract:
|
||
|
|
||
|
Sample trace control program. Allows user to start, update, query, stop
|
||
|
event tracing, etc.
|
||
|
|
||
|
|
||
|
--*/
|
||
|
#include <stdio.h>
|
||
|
#include <stdlib.h>
|
||
|
#include <windows.h>
|
||
|
#include <shellapi.h>
|
||
|
#include <tchar.h>
|
||
|
#include <wmistr.h>
|
||
|
#include <initguid.h>
|
||
|
#include <guiddef.h>
|
||
|
#include <evntrace.h>
|
||
|
|
||
|
#define MAXSTR 1024
|
||
|
// Default trace file name.
|
||
|
#define DEFAULT_LOGFILE_NAME _T("C:\\LogFile.Etl")
|
||
|
// On Windows 2000, we support up to 32 loggers at once.
|
||
|
// On Windows XP and .NET server, we support up to 64 loggers.
|
||
|
#define MAXIMUM_LOGGERS 32
|
||
|
|
||
|
// In this sample, we support the following actions.
|
||
|
// Additional actions that we do not use in this sample include
|
||
|
// Flush and Enumerate Guids functionalities. They are supported
|
||
|
// only on XP or higher version.
|
||
|
#define ACTION_QUERY 0
|
||
|
#define ACTION_START 1
|
||
|
#define ACTION_STOP 2
|
||
|
#define ACTION_UPDATE 3
|
||
|
#define ACTION_LIST 4
|
||
|
#define ACTION_ENABLE 5
|
||
|
#define ACTION_HELP 6
|
||
|
|
||
|
#define ACTION_UNDEFINED 10
|
||
|
|
||
|
void
|
||
|
PrintLoggerStatus(
|
||
|
IN PEVENT_TRACE_PROPERTIES LoggerInfo,
|
||
|
IN ULONG Status
|
||
|
);
|
||
|
|
||
|
ULONG
|
||
|
ahextoi(
|
||
|
IN TCHAR *s
|
||
|
);
|
||
|
|
||
|
void
|
||
|
StringToGuid(
|
||
|
IN TCHAR *str,
|
||
|
OUT LPGUID guid
|
||
|
);
|
||
|
|
||
|
void
|
||
|
PrintHelpMessage();
|
||
|
|
||
|
|
||
|
//
|
||
|
// main function
|
||
|
//
|
||
|
__cdecl main(argc, argv)
|
||
|
int argc;
|
||
|
char **argv;
|
||
|
/*++
|
||
|
|
||
|
Routine Description:
|
||
|
|
||
|
It is the main function.
|
||
|
|
||
|
Arguments:
|
||
|
|
||
|
Return Value:
|
||
|
|
||
|
Error Code defined in winerror.h : If the function succeeds,
|
||
|
it returns ERROR_SUCCESS (== 0).
|
||
|
|
||
|
|
||
|
--*/{
|
||
|
ULONG i, j;
|
||
|
ULONG Status = ERROR_SUCCESS;
|
||
|
LPTSTR *targv, *utargv = NULL;
|
||
|
// Action to be taken
|
||
|
USHORT Action = ACTION_UNDEFINED;
|
||
|
|
||
|
LPTSTR LoggerName;
|
||
|
LPTSTR LogFileName;
|
||
|
PEVENT_TRACE_PROPERTIES pLoggerInfo;
|
||
|
TRACEHANDLE LoggerHandle = 0;
|
||
|
// Target GUID, level and flags for enable/disable
|
||
|
GUID TargetGuid;
|
||
|
ULONG bEnable = TRUE;
|
||
|
|
||
|
ULONG SizeNeeded = 0;
|
||
|
|
||
|
// We will enable Process, Thread, Disk, and Network events
|
||
|
// if the Kernel Logger is requested.
|
||
|
BOOL bKernelLogger = FALSE;
|
||
|
|
||
|
// Allocate and initialize EVENT_TRACE_PROPERTIES structure first
|
||
|
SizeNeeded = sizeof(EVENT_TRACE_PROPERTIES) + 2 * MAXSTR * sizeof(TCHAR);
|
||
|
pLoggerInfo = (PEVENT_TRACE_PROPERTIES) malloc(SizeNeeded);
|
||
|
if (pLoggerInfo == NULL) {
|
||
|
return (ERROR_OUTOFMEMORY);
|
||
|
}
|
||
|
|
||
|
RtlZeroMemory(pLoggerInfo, SizeNeeded);
|
||
|
|
||
|
pLoggerInfo->Wnode.BufferSize = SizeNeeded;
|
||
|
pLoggerInfo->Wnode.Flags = WNODE_FLAG_TRACED_GUID;
|
||
|
pLoggerInfo->LoggerNameOffset = sizeof(EVENT_TRACE_PROPERTIES);
|
||
|
pLoggerInfo->LogFileNameOffset = pLoggerInfo->LoggerNameOffset + MAXSTR * sizeof(TCHAR);
|
||
|
|
||
|
LoggerName = (LPTSTR)((char*)pLoggerInfo + pLoggerInfo->LoggerNameOffset);
|
||
|
LogFileName = (LPTSTR)((char*)pLoggerInfo + pLoggerInfo->LogFileNameOffset);
|
||
|
// If the logger name is not given, we will assume the kernel logger.
|
||
|
_tcscpy(LoggerName, KERNEL_LOGGER_NAME);
|
||
|
|
||
|
#ifdef UNICODE
|
||
|
if ((targv = CommandLineToArgvW(
|
||
|
GetCommandLineW(), // pointer to a command-line string
|
||
|
&argc // receives the argument count
|
||
|
)) == NULL) {
|
||
|
free(pLoggerInfo);
|
||
|
return (GetLastError());
|
||
|
};
|
||
|
utargv = targv;
|
||
|
#else
|
||
|
targv = argv;
|
||
|
#endif
|
||
|
|
||
|
//
|
||
|
// Parse the command line options to determine actions and parameters.
|
||
|
//
|
||
|
while (--argc > 0) {
|
||
|
++targv;
|
||
|
if (**targv == '-' || **targv == '/') { // argument found
|
||
|
if (targv[0][0] == '/' ) {
|
||
|
targv[0][0] = '-';
|
||
|
}
|
||
|
|
||
|
// Deterine actions.
|
||
|
if (!_tcsicmp(targv[0], _T("-start"))) {
|
||
|
Action = ACTION_START;
|
||
|
if (argc > 1) {
|
||
|
if (targv[1][0] != '-' && targv[1][0] != '/') {
|
||
|
++targv; --argc;
|
||
|
_tcscpy(LoggerName, targv[0]);
|
||
|
}
|
||
|
}
|
||
|
}
|
||
|
else if (!_tcsicmp(targv[0], _T("-enable"))) {
|
||
|
Action = ACTION_ENABLE;
|
||
|
if (argc > 1) {
|
||
|
if (targv[1][0] != '-' && targv[1][0] != '/') {
|
||
|
++targv; --argc;
|
||
|
_tcscpy(LoggerName, targv[0]);
|
||
|
}
|
||
|
}
|
||
|
}
|
||
|
else if (!_tcsicmp(targv[0], _T("-disable"))) {
|
||
|
Action = ACTION_ENABLE;
|
||
|
bEnable = FALSE;
|
||
|
if (argc > 1) {
|
||
|
if (targv[1][0] != '-' && targv[1][0] != '/') {
|
||
|
++targv; --argc;
|
||
|
_tcscpy(LoggerName, targv[0]);
|
||
|
}
|
||
|
}
|
||
|
}
|
||
|
else if (!_tcsicmp(targv[0], _T("-stop"))) {
|
||
|
Action = ACTION_STOP;
|
||
|
if (argc > 1) {
|
||
|
if (targv[1][0] != '-' && targv[1][0] != '/') {
|
||
|
++targv; --argc;
|
||
|
_tcscpy(LoggerName, targv[0]);
|
||
|
}
|
||
|
}
|
||
|
}
|
||
|
else if (!_tcsicmp(targv[0], _T("-update"))) {
|
||
|
Action = ACTION_UPDATE;
|
||
|
if (argc > 1) {
|
||
|
if (targv[1][0] != '-' && targv[1][0] != '/') {
|
||
|
++targv; --argc;
|
||
|
_tcscpy(LoggerName, targv[0]);
|
||
|
}
|
||
|
}
|
||
|
}
|
||
|
else if (!_tcsicmp(targv[0], _T("-query"))) {
|
||
|
Action = ACTION_QUERY;
|
||
|
if (argc > 1) {
|
||
|
if (targv[1][0] != '-' && targv[1][0] != '/') {
|
||
|
++targv; --argc;
|
||
|
_tcscpy(LoggerName, targv[0]);
|
||
|
}
|
||
|
}
|
||
|
}
|
||
|
else if (!_tcsicmp(targv[0], _T("-list"))) {
|
||
|
Action = ACTION_LIST;
|
||
|
}
|
||
|
|
||
|
// Get other parameters.
|
||
|
// Users can customize logger settings further by adding/changing
|
||
|
// values to pLoggerInfo. Refer to EVENT_TRACE_PROPERTIES documentation
|
||
|
// for available options.
|
||
|
// In this sample, we allow changing maximum number of buffers and
|
||
|
// specifying user mode (private) logger.
|
||
|
// We also take trace file name and guid for enable/disable.
|
||
|
else if (!_tcsicmp(targv[0], _T("-f"))) {
|
||
|
if (argc > 1) {
|
||
|
_tfullpath(LogFileName, targv[1], MAXSTR);
|
||
|
++targv; --argc;
|
||
|
}
|
||
|
}
|
||
|
else if (!_tcsicmp(targv[0], _T("-guid"))) {
|
||
|
if (argc > 1) {
|
||
|
// -guid #00000000-0000-0000-0000-000000000000
|
||
|
if (targv[1][0] == _T('#')) {
|
||
|
StringToGuid(&targv[1][1], &TargetGuid);
|
||
|
++targv; --argc;
|
||
|
}
|
||
|
}
|
||
|
}
|
||
|
else if (!_tcsicmp(targv[0], _T("-max"))) {
|
||
|
if (argc > 1) {
|
||
|
pLoggerInfo->MaximumBuffers = _ttoi(targv[1]);
|
||
|
++targv; --argc;
|
||
|
}
|
||
|
}
|
||
|
else if (!_tcsicmp(targv[0], _T("-um"))) {
|
||
|
pLoggerInfo->LogFileMode |= EVENT_TRACE_PRIVATE_LOGGER_MODE;
|
||
|
}
|
||
|
else if ( targv[0][1] == 'h' || targv[0][1] == 'H' || targv[0][1] == '?'){
|
||
|
Action = ACTION_HELP;
|
||
|
PrintHelpMessage();
|
||
|
if (utargv != NULL) {
|
||
|
GlobalFree(utargv);
|
||
|
}
|
||
|
free(pLoggerInfo);
|
||
|
|
||
|
return (ERROR_SUCCESS);
|
||
|
}
|
||
|
else Action = ACTION_UNDEFINED;
|
||
|
}
|
||
|
else {
|
||
|
_tprintf(_T("Invalid option given: %s\n"), targv[0]);
|
||
|
Status = ERROR_INVALID_PARAMETER;
|
||
|
SetLastError(Status);
|
||
|
if (utargv != NULL) {
|
||
|
GlobalFree(utargv);
|
||
|
}
|
||
|
free(pLoggerInfo);
|
||
|
|
||
|
return (Status);
|
||
|
}
|
||
|
}
|
||
|
|
||
|
// Set the kernel logger parameters.
|
||
|
if (!_tcscmp(LoggerName, KERNEL_LOGGER_NAME)) {
|
||
|
// Set enable flags. Users can add options to add additional kernel events
|
||
|
// or remove some of these events.
|
||
|
pLoggerInfo->EnableFlags |= EVENT_TRACE_FLAG_PROCESS;
|
||
|
pLoggerInfo->EnableFlags |= EVENT_TRACE_FLAG_THREAD;
|
||
|
pLoggerInfo->EnableFlags |= EVENT_TRACE_FLAG_DISK_IO;
|
||
|
pLoggerInfo->EnableFlags |= EVENT_TRACE_FLAG_NETWORK_TCPIP;
|
||
|
|
||
|
pLoggerInfo->Wnode.Guid = SystemTraceControlGuid;
|
||
|
bKernelLogger = TRUE;
|
||
|
}
|
||
|
else if (pLoggerInfo->LogFileMode & EVENT_TRACE_PRIVATE_LOGGER_MODE) {
|
||
|
// We must provide a control GUID for a private logger.
|
||
|
pLoggerInfo->Wnode.Guid = TargetGuid;
|
||
|
}
|
||
|
|
||
|
// Process the request.
|
||
|
switch (Action) {
|
||
|
case ACTION_START:
|
||
|
{
|
||
|
// Use default file name if not given
|
||
|
if (_tcslen(LogFileName) == 0) {
|
||
|
_tcscpy(LogFileName, DEFAULT_LOGFILE_NAME);
|
||
|
}
|
||
|
|
||
|
Status = StartTrace(&LoggerHandle, LoggerName, pLoggerInfo);
|
||
|
|
||
|
if (Status != ERROR_SUCCESS) {
|
||
|
_tprintf(_T("Could not start logger: %s\n")
|
||
|
_T("Operation Status: %uL\n"),
|
||
|
LoggerName,
|
||
|
Status);
|
||
|
|
||
|
break;
|
||
|
}
|
||
|
_tprintf(_T("Logger Started...\n"));
|
||
|
}
|
||
|
case ACTION_ENABLE:
|
||
|
{
|
||
|
// We can allow enabling a GUID during START operation (Note no break in case ACTION_START).
|
||
|
// In that case, we do not need to get LoggerHandle separately.
|
||
|
if (Action == ACTION_ENABLE ){
|
||
|
|
||
|
// Get Logger Handle though Query.
|
||
|
Status = ControlTrace((TRACEHANDLE) 0, LoggerName, pLoggerInfo, EVENT_TRACE_CONTROL_QUERY);
|
||
|
if( Status != ERROR_SUCCESS ){
|
||
|
_tprintf( _T("ERROR: Logger not started\n")
|
||
|
_T("Operation Status: %uL\n"),
|
||
|
Status);
|
||
|
break;
|
||
|
}
|
||
|
LoggerHandle = pLoggerInfo->Wnode.HistoricalContext;
|
||
|
}
|
||
|
|
||
|
// We do not allow EnableTrace on the Kernel Logger in this sample,
|
||
|
// users can use EnableFlags to enable/disable certain kernel events.
|
||
|
if (!bKernelLogger) {
|
||
|
_tprintf(_T("Enabling trace to logger %d\n"), LoggerHandle);
|
||
|
// In this sample, we use EnableFlag = EnableLebel = 0
|
||
|
Status = EnableTrace (
|
||
|
bEnable,
|
||
|
0,
|
||
|
0,
|
||
|
&TargetGuid,
|
||
|
LoggerHandle);
|
||
|
|
||
|
if (Status != ERROR_SUCCESS) {
|
||
|
_tprintf(_T("ERROR: Failed to enable Guid...\n"));
|
||
|
_tprintf(_T("Operation Status: %uL\n"), Status);
|
||
|
break;
|
||
|
}
|
||
|
}
|
||
|
break;
|
||
|
}
|
||
|
case ACTION_STOP :
|
||
|
{
|
||
|
LoggerHandle = (TRACEHANDLE) 0;
|
||
|
Status = ControlTrace(LoggerHandle, LoggerName, pLoggerInfo, EVENT_TRACE_CONTROL_STOP);
|
||
|
break;
|
||
|
}
|
||
|
case ACTION_LIST :
|
||
|
{
|
||
|
ULONG returnCount;
|
||
|
PEVENT_TRACE_PROPERTIES pLoggerInfo[MAXIMUM_LOGGERS];
|
||
|
PEVENT_TRACE_PROPERTIES pStorage, pTempStorage;
|
||
|
ULONG SizeForOneProperty = sizeof(EVENT_TRACE_PROPERTIES) +
|
||
|
2 * MAXSTR * sizeof(TCHAR);
|
||
|
|
||
|
// We need to prepare space to receieve the inforamtion on loggers.
|
||
|
SizeNeeded = MAXIMUM_LOGGERS * SizeForOneProperty;
|
||
|
|
||
|
pStorage = (PEVENT_TRACE_PROPERTIES)malloc(SizeNeeded);
|
||
|
if (pStorage == NULL) {
|
||
|
Status = ERROR_OUTOFMEMORY;
|
||
|
break;
|
||
|
}
|
||
|
RtlZeroMemory(pStorage, SizeNeeded);
|
||
|
// Save the pointer for free() later.
|
||
|
pTempStorage = pStorage;
|
||
|
|
||
|
for (i = 0; i < MAXIMUM_LOGGERS; i++) {
|
||
|
pStorage->Wnode.BufferSize = SizeForOneProperty;
|
||
|
pStorage->LoggerNameOffset = sizeof(EVENT_TRACE_PROPERTIES);
|
||
|
pStorage->LogFileNameOffset = sizeof(EVENT_TRACE_PROPERTIES)
|
||
|
+ MAXSTR * sizeof(TCHAR);
|
||
|
pLoggerInfo[i] = pStorage;
|
||
|
pStorage = (PEVENT_TRACE_PROPERTIES) (
|
||
|
(PUCHAR)pStorage +
|
||
|
pStorage->Wnode.BufferSize);
|
||
|
}
|
||
|
|
||
|
Status = QueryAllTraces(pLoggerInfo,
|
||
|
MAXIMUM_LOGGERS,
|
||
|
&returnCount);
|
||
|
|
||
|
if (Status == ERROR_SUCCESS)
|
||
|
{
|
||
|
for (j= 0; j < returnCount; j++)
|
||
|
{
|
||
|
PrintLoggerStatus(pLoggerInfo[j],
|
||
|
Status);
|
||
|
_tprintf(_T("\n"));
|
||
|
}
|
||
|
}
|
||
|
|
||
|
free(pTempStorage);
|
||
|
break;
|
||
|
}
|
||
|
|
||
|
case ACTION_UPDATE :
|
||
|
{
|
||
|
// In this sample, users can only update MaximumBuffers and log file name.
|
||
|
// User can add more options for other parameters as needed.
|
||
|
Status = ControlTrace(LoggerHandle, LoggerName, pLoggerInfo, EVENT_TRACE_CONTROL_UPDATE);
|
||
|
break;
|
||
|
}
|
||
|
case ACTION_QUERY :
|
||
|
{
|
||
|
Status = ControlTrace(LoggerHandle, LoggerName, pLoggerInfo, EVENT_TRACE_CONTROL_QUERY);
|
||
|
break;
|
||
|
}
|
||
|
case ACTION_HELP:
|
||
|
{
|
||
|
PrintHelpMessage();
|
||
|
break;
|
||
|
}
|
||
|
default :
|
||
|
{
|
||
|
_tprintf(_T("Error: no action specified\n"));
|
||
|
PrintHelpMessage();
|
||
|
break;
|
||
|
}
|
||
|
}
|
||
|
|
||
|
if ((Action != ACTION_HELP) &&
|
||
|
(Action != ACTION_UNDEFINED) &&
|
||
|
(Action != ACTION_LIST)) {
|
||
|
PrintLoggerStatus(pLoggerInfo,
|
||
|
Status);
|
||
|
}
|
||
|
|
||
|
if (Status != ERROR_SUCCESS) {
|
||
|
SetLastError(Status);
|
||
|
}
|
||
|
if (utargv != NULL) {
|
||
|
GlobalFree(utargv);
|
||
|
}
|
||
|
free(pLoggerInfo);
|
||
|
|
||
|
return (Status);
|
||
|
}
|
||
|
|
||
|
|
||
|
void
|
||
|
PrintLoggerStatus(
|
||
|
IN PEVENT_TRACE_PROPERTIES LoggerInfo,
|
||
|
IN ULONG Status
|
||
|
)
|
||
|
/*++
|
||
|
|
||
|
Routine Description:
|
||
|
|
||
|
Prints out the status of the specified logger.
|
||
|
|
||
|
Arguments:
|
||
|
|
||
|
LoggerInfo - The pointer to the resident EVENT_TRACE_PROPERTIES that has
|
||
|
the information about the current logger.
|
||
|
Status - The operation status of the current logger.
|
||
|
|
||
|
Return Value:
|
||
|
|
||
|
None
|
||
|
|
||
|
--*/
|
||
|
{
|
||
|
LPTSTR LoggerName, LogFileName;
|
||
|
|
||
|
if ((LoggerInfo->LoggerNameOffset > 0) &&
|
||
|
(LoggerInfo->LoggerNameOffset < LoggerInfo->Wnode.BufferSize)) {
|
||
|
LoggerName = (LPTSTR) ((PUCHAR)LoggerInfo +
|
||
|
LoggerInfo->LoggerNameOffset);
|
||
|
}
|
||
|
else LoggerName = NULL;
|
||
|
|
||
|
if ((LoggerInfo->LogFileNameOffset > 0) &&
|
||
|
(LoggerInfo->LogFileNameOffset < LoggerInfo->Wnode.BufferSize)) {
|
||
|
LogFileName = (LPTSTR) ((PUCHAR)LoggerInfo +
|
||
|
LoggerInfo->LogFileNameOffset);
|
||
|
}
|
||
|
else LogFileName = NULL;
|
||
|
|
||
|
_tprintf(_T("Operation Status: %uL\n"), Status);
|
||
|
|
||
|
_tprintf(_T("Logger Name: %s\n"),
|
||
|
(LoggerName == NULL) ?
|
||
|
_T(" ") : LoggerName);
|
||
|
_tprintf(_T("Logger Id: %I64x\n"), LoggerInfo->Wnode.HistoricalContext);
|
||
|
_tprintf(_T("Logger Thread Id: %d\n"), LoggerInfo->LoggerThreadId);
|
||
|
|
||
|
if (Status != 0)
|
||
|
return;
|
||
|
|
||
|
_tprintf(_T("Buffer Size: %d Kb"), LoggerInfo->BufferSize);
|
||
|
if (LoggerInfo->LogFileMode & EVENT_TRACE_USE_PAGED_MEMORY) {
|
||
|
_tprintf(_T(" using paged memory\n"));
|
||
|
}
|
||
|
else {
|
||
|
_tprintf(_T("\n"));
|
||
|
}
|
||
|
_tprintf(_T("Maximum Buffers: %d\n"), LoggerInfo->MaximumBuffers);
|
||
|
_tprintf(_T("Minimum Buffers: %d\n"), LoggerInfo->MinimumBuffers);
|
||
|
_tprintf(_T("Number of Buffers: %d\n"), LoggerInfo->NumberOfBuffers);
|
||
|
_tprintf(_T("Free Buffers: %d\n"), LoggerInfo->FreeBuffers);
|
||
|
_tprintf(_T("Buffers Written: %d\n"), LoggerInfo->BuffersWritten);
|
||
|
_tprintf(_T("Events Lost: %d\n"), LoggerInfo->EventsLost);
|
||
|
_tprintf(_T("Log Buffers Lost: %d\n"), LoggerInfo->LogBuffersLost);
|
||
|
_tprintf(_T("Real Time Buffers Lost: %d\n"), LoggerInfo->RealTimeBuffersLost);
|
||
|
_tprintf(_T("AgeLimit: %d\n"), LoggerInfo->AgeLimit);
|
||
|
|
||
|
if (LogFileName == NULL) {
|
||
|
_tprintf(_T("Buffering Mode: "));
|
||
|
}
|
||
|
else {
|
||
|
_tprintf(_T("Log File Mode: "));
|
||
|
}
|
||
|
if (LoggerInfo->LogFileMode & EVENT_TRACE_FILE_MODE_APPEND) {
|
||
|
_tprintf(_T("Append "));
|
||
|
}
|
||
|
if (LoggerInfo->LogFileMode & EVENT_TRACE_FILE_MODE_CIRCULAR) {
|
||
|
_tprintf(_T("Circular\n"));
|
||
|
}
|
||
|
else if (LoggerInfo->LogFileMode & EVENT_TRACE_FILE_MODE_SEQUENTIAL) {
|
||
|
_tprintf(_T("Sequential\n"));
|
||
|
}
|
||
|
else {
|
||
|
_tprintf(_T("Sequential\n"));
|
||
|
}
|
||
|
if (LoggerInfo->LogFileMode & EVENT_TRACE_REAL_TIME_MODE) {
|
||
|
_tprintf(_T("Real Time mode enabled"));
|
||
|
_tprintf(_T("\n"));
|
||
|
}
|
||
|
|
||
|
if (LoggerInfo->MaximumFileSize > 0)
|
||
|
_tprintf(_T("Maximum File Size: %d Mb\n"), LoggerInfo->MaximumFileSize);
|
||
|
|
||
|
if (LoggerInfo->FlushTimer > 0)
|
||
|
_tprintf(_T("Buffer Flush Timer: %d secs\n"), LoggerInfo->FlushTimer);
|
||
|
|
||
|
if (LoggerInfo->EnableFlags != 0) {
|
||
|
_tprintf(_T("Enabled tracing: "));
|
||
|
|
||
|
if ((LoggerName != NULL) && (!_tcscmp(LoggerName, KERNEL_LOGGER_NAME))) {
|
||
|
|
||
|
if (LoggerInfo->EnableFlags & EVENT_TRACE_FLAG_PROCESS)
|
||
|
_tprintf(_T("Process "));
|
||
|
if (LoggerInfo->EnableFlags & EVENT_TRACE_FLAG_THREAD)
|
||
|
_tprintf(_T("Thread "));
|
||
|
if (LoggerInfo->EnableFlags & EVENT_TRACE_FLAG_DISK_IO)
|
||
|
_tprintf(_T("Disk "));
|
||
|
if (LoggerInfo->EnableFlags & EVENT_TRACE_FLAG_DISK_FILE_IO)
|
||
|
_tprintf(_T("File "));
|
||
|
if (LoggerInfo->EnableFlags & EVENT_TRACE_FLAG_MEMORY_PAGE_FAULTS)
|
||
|
_tprintf(_T("PageFaults "));
|
||
|
if (LoggerInfo->EnableFlags & EVENT_TRACE_FLAG_MEMORY_HARD_FAULTS)
|
||
|
_tprintf(_T("HardFaults "));
|
||
|
if (LoggerInfo->EnableFlags & EVENT_TRACE_FLAG_IMAGE_LOAD)
|
||
|
_tprintf(_T("ImageLoad "));
|
||
|
if (LoggerInfo->EnableFlags & EVENT_TRACE_FLAG_NETWORK_TCPIP)
|
||
|
_tprintf(_T("TcpIp "));
|
||
|
if (LoggerInfo->EnableFlags & EVENT_TRACE_FLAG_REGISTRY)
|
||
|
_tprintf(_T("Registry "));
|
||
|
}else{
|
||
|
_tprintf(_T("0x%08x"), LoggerInfo->EnableFlags );
|
||
|
}
|
||
|
_tprintf(_T("\n"));
|
||
|
}
|
||
|
if (LogFileName != NULL) {
|
||
|
_tprintf(_T("Log Filename: %s\n"), LogFileName);
|
||
|
}
|
||
|
|
||
|
}
|
||
|
|
||
|
ULONG
|
||
|
ahextoi(
|
||
|
IN TCHAR *s
|
||
|
)
|
||
|
/*++
|
||
|
|
||
|
Routine Description:
|
||
|
|
||
|
Converts a hex string into a number.
|
||
|
|
||
|
Arguments:
|
||
|
|
||
|
s - A hex string in TCHAR.
|
||
|
|
||
|
Return Value:
|
||
|
|
||
|
ULONG - The number in the string.
|
||
|
|
||
|
|
||
|
--*/
|
||
|
{
|
||
|
int len;
|
||
|
ULONG num, base, hex;
|
||
|
|
||
|
len = _tcslen(s);
|
||
|
hex = 0; base = 1; num = 0;
|
||
|
while (--len >= 0) {
|
||
|
if ( (s[len] == 'x' || s[len] == 'X') &&
|
||
|
(s[len-1] == '0') )
|
||
|
break;
|
||
|
if (s[len] >= '0' && s[len] <= '9')
|
||
|
num = s[len] - '0';
|
||
|
else if (s[len] >= 'a' && s[len] <= 'f')
|
||
|
num = (s[len] - 'a') + 10;
|
||
|
else if (s[len] >= 'A' && s[len] <= 'F')
|
||
|
num = (s[len] - 'A') + 10;
|
||
|
else
|
||
|
continue;
|
||
|
|
||
|
hex += num * base;
|
||
|
base = base * 16;
|
||
|
}
|
||
|
return hex;
|
||
|
}
|
||
|
|
||
|
void
|
||
|
StringToGuid(
|
||
|
IN TCHAR *str,
|
||
|
IN OUT LPGUID guid
|
||
|
)
|
||
|
/*++
|
||
|
|
||
|
Routine Description:
|
||
|
|
||
|
Converts a string into a GUID.
|
||
|
|
||
|
Arguments:
|
||
|
|
||
|
str - A string in TCHAR.
|
||
|
guid - The pointer to a GUID that will have the converted GUID.
|
||
|
|
||
|
Return Value:
|
||
|
|
||
|
None.
|
||
|
|
||
|
|
||
|
--*/
|
||
|
{
|
||
|
TCHAR temp[10];
|
||
|
int i;
|
||
|
|
||
|
_tcsncpy(temp, str, 8);
|
||
|
temp[8] = 0;
|
||
|
guid->Data1 = ahextoi(temp);
|
||
|
_tcsncpy(temp, &str[9], 4);
|
||
|
temp[4] = 0;
|
||
|
guid->Data2 = (USHORT) ahextoi(temp);
|
||
|
_tcsncpy(temp, &str[14], 4);
|
||
|
temp[4] = 0;
|
||
|
guid->Data3 = (USHORT) ahextoi(temp);
|
||
|
|
||
|
for (i=0; i<2; i++) {
|
||
|
_tcsncpy(temp, &str[19 + (i*2)], 2);
|
||
|
temp[2] = 0;
|
||
|
guid->Data4[i] = (UCHAR) ahextoi(temp);
|
||
|
}
|
||
|
for (i=2; i<8; i++) {
|
||
|
_tcsncpy(temp, &str[20 + (i*2)], 2);
|
||
|
temp[2] = 0;
|
||
|
guid->Data4[i] = (UCHAR) ahextoi(temp);
|
||
|
}
|
||
|
}
|
||
|
|
||
|
void PrintHelpMessage()
|
||
|
/*++
|
||
|
|
||
|
Routine Description:
|
||
|
|
||
|
prints out a help message.
|
||
|
|
||
|
Arguments:
|
||
|
|
||
|
None.
|
||
|
|
||
|
Return Value:
|
||
|
|
||
|
None.
|
||
|
|
||
|
|
||
|
--*/
|
||
|
{
|
||
|
_tprintf(_T("Usage: tracelog [actions] [options] | [-h | -help | -?]\n"));
|
||
|
_tprintf(_T("\n actions:\n"));
|
||
|
_tprintf(_T("\t-start [LoggerName] Starts up the [LoggerName] trace session\n"));
|
||
|
_tprintf(_T("\t-stop [LoggerName] Stops the [LoggerName] trace session\n"));
|
||
|
_tprintf(_T("\t-update [LoggerName] Updates the [LoggerName] trace session\n"));
|
||
|
_tprintf(_T("\t-enable [LoggerName] Enables providers for the [LoggerName] session\n"));
|
||
|
_tprintf(_T("\t-disable [LoggerName] Disables providers for the [LoggerName] session\n"));
|
||
|
_tprintf(_T("\t-query [LoggerName] Query status of [LoggerName] trace session\n"));
|
||
|
_tprintf(_T("\t-list List all trace sessions\n"));
|
||
|
|
||
|
_tprintf(_T("\n options:\n"));
|
||
|
_tprintf(_T("\t-um Use Process Private tracing\n"));
|
||
|
_tprintf(_T("\t-max <n> Sets maximum buffers\n"));
|
||
|
_tprintf(_T("\t-f <name> Log to file <name>\n"));
|
||
|
_tprintf(_T("\t-guid #<guid> Provider GUID to enable/disable\n"));
|
||
|
_tprintf(_T("\n"));
|
||
|
_tprintf(_T("\t-h\n"));
|
||
|
_tprintf(_T("\t-help\n"));
|
||
|
_tprintf(_T("\t-? Display usage information\n"));
|
||
|
}
|
||
|
|