Home > Net >  How to trace event logs from provider "Microsoft-Windows-RPC" programmatically
How to trace event logs from provider "Microsoft-Windows-RPC" programmatically

Time:12-23

I want to create a program that will trace event logs from the provider "Microsoft-Windows-RPC".

The program logman.exe by Microsoft is doing it like that:

logman start RPC_ONLY -p Microsoft-Windows-RPC -ets

When done, you can capture the logs like that:

tracerpt RPC_ONLY.etl -o RPC_ONLY.evtx -of EVTX
logman stop RPC_ONLY -ets

I want my program to be able to trace it like logman does but I didn't understand how.
Is there a function that I can "tell" windows that I want it to start tracing events related to Microsoft-Windows-RPC?

CodePudding user response:

According to enter image description here

Page link:https//www.codepudding.com/net/238525.html

Prev:Changing the title of uwp process
Next:Docker : composer require = php extension not found
  • Related

About Us:  Contact Us      Terms of Service       Privacy Policy

Copyright © 2010-2023,Powered By CodePudding