ETW tracking from .net, user mode and driver
We have an application that parts of it are in .net, c++ usermode and C++ drivers. The application is divided into several executables that run on demand and communication with each other using LPC(the processes run in different sessions(winlogon)).
Currently We have a home written logging service to which .net and c++ usermode communicate by sending LPC messages. The driver uses DbgPrint and is not always enabled, as it causes the code to run 30% slower(we have lots of logging).
I want to have all the logs written in one pl开发者_C百科ace and preferably not writing the logger myself(I love log4cpp and log4net). The requirement is to write from all the executables and drivers into one place and to have minimal overhead.
I have read that ETW is way to go, however I wasn't able to find already written logger that uses it like log4cpp or log4net.
So basically my questions is, do you know if there is already implemented ETW appender for log4cpp and log4net I can use ?
Here is a sample implementation of ETW .NET. This is not ETW for log4net. Hope this helps.
http://naveensrinivasan.com/2010/03/17/using-clr-4-0-event-tracing-for-windows-etw-along-with-application-etw/
See EventProviderTraceListener Class.
I am from the future... Enterprise Library's Semantic Logging Application Block(SLAB) should serve you nicely :)
精彩评论