etw

I would like to retrieve information about event providers using Windows PowerShell? I'm running Windows 8.1 with PowerShell version 4.0, and I noticed that there are some .NET classes in the System.Diagnostics.Eventing namespace that offer some functionality around Windows eventing. I can create an EventProvider instance by calling its default constructor, however this does not allow me to get any information about the event providers installed on the system. $EventProvider = New-Object -TypeName System.Diagnostics.Eventing.EventProvider -ArgumentList ([System.Guid]'{00000000-0000-0000-0000

i'm calling the Event Tracing for Windows StartTrace function: StartTrace(sessionHandle, KERNEL_LOGGER_NAME, sessionProperties); It is failing with error code 87 ( ERROR_INVALID_PARAMETER ). The MSDN gives some common causes for this error: Properties is NULL . SessionHandle is NULL . The LogFileNameOffset member of Properties is not valid. The LoggerNameOffset member of Properties is not valid. The LogFileMode member of Properties specifies a combination of flags that is not valid. The Wnode.Guid member is SystemTraceControlGuid , but the SessionName parameter is not KERNEL_LOGGER_NAME . The

According to documentation http://msdn.microsoft.com/en-us/library/dn775009%28v=pandp.20%29.aspx current activity id should be handled by TPL. But when I get results, log events from different tasks belong to different activities. To read messages I use out of process SemanticLogging-svc.2.0.1406.1 Workflow is follow: 1. I set activity id, which shall be used. EventSource.SetCurrentThreadActivityId. 2. Then I have some code in same thread, but also can be a lot of code in different threads. Example (log messages from below tasks are logged as different activity ids): Events.Current.TestMethod3