How to use ETW from a C++ Windows client

I'm researching Event Tracing for Windows (ETW) to allow a user-mode windows client to write out tracing information. The existing documentation is, to put it lightly, insanely incomplete. What would really help is a simple C++ example that writes out tra开发者_高级运维cing messages using ETW. Does such an example exist? Is there other ETW documentation you might recommend?

To write a Provider for ETW, you have two options:

• write it as a manifest-based provider (preferred for Windows Vista or higher). Check out an example here.

• write it as a classic provider for legacy support. You can find an example here.

I suppose you want to use a manifest-based approach, as its better and can support up to eight sessions. The first step a manifest-based provider needs to do is to register the event using EventRegister() and then write to it via the EventWrite() or EventWriteString() function.

Programmers Guide to Eventing (2010) from Microsoft is a good one to start with.