ETW tracking from .net, user mode and driver

Posted by Jack Juiceson on Stack Overflow See other posts from Stack Overflow or by Jack Juiceson
Published on 2010-02-26T12:26:55Z Indexed on 2010/03/19 1:41 UTC
Read the original article Hit count: 466

Filed under:
|
|
|
|

Hi everyone,

We have an application that parts of it are in .net, c++ usermode and C++ drivers. The application is divided into several executables that run on demand and communication with each other using LPC(the processes run in different sessions(winlogon)).

Currently We have a home written logging service to which .net and c++ usermode communicate by sending LPC messages. The driver uses DbgPrint and is not always enabled, as it causes the code to run 30% slower(we have lots of logging).

I want to have all the logs written in one place and preferably not writing the logger myself(I love log4cpp and log4net). The requirement is to write from all the executables and drivers into one place and to have minimal overhead.

I have read that ETW is way to go, however I wasn't able to find already written logger that uses it like log4cpp or log4net.

So basically my questions is, do you know if there is already implemented ETW appender for log4cpp and log4net I can use ?

© Stack Overflow or respective owner

Related posts about ETW

Related posts about multiprocess