-
Notifications
You must be signed in to change notification settings - Fork 20
Getting the EventSource Manifest or GUID
Every EventSource provider has a name and an associated GUID. By default, the name of the provider is the name of the class without the namespace, and the GUID is automatically derived from the name.
Some tools (like logman.exe) require the GUID of your EventSource. You can use the tool GenerateProxyManifest (in the tools folder of the NuGet package) to display the GUID for your EventSource.
GenerateProxyManifest -name Calculator
This outputs:
5534a855-95dc-5099-33e3-5b8e79fed6fa
If you want your EventSource provider to show up in the built-in Windows tools such as Performance Monitor, you will need to register the manifest of the EventSource. You can also use GenerateProxyManifest for this:
GenerateProxyManifest -assembly MyEventSource.dll -type MyEventSource.IEventSource
This outputs the following XML:
<instrumentationManifest xmlns="http://schemas.microsoft.com/win/2004/08/events">
<instrumentation xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:win="http://manifests.microsoft.com/win/2004/08/windows/events">
<events xmlns="http://schemas.microsoft.com/win/2004/08/events">
<provider name="Calculator" guid="{5534a855-95dc-5099-33e3-5b8e79fed6fa}" resourceFileName="\temp\ClassLibrary1\bin\Debug\ClassLibrary1.dll" messageFileName="\temp\ClassLibrary1\bin\Debug\ClassLibrary1.dll" symbol="Calculator">
<tasks>
<task name="Multiply_Completed" value="65528"/>
<task name="Add_Completed" value="65529"/>
<task name="Clear_Completed" value="65530"/>
<task name="Multiply" value="65531"/>
<task name="Add" value="65532"/>
<task name="Clear" value="65533"/>
</tasks>
<opcodes>
</opcodes>
<keywords>
<keyword name="Clear" message="$(string.keyword_Clear)" mask="0x1"/>
<keyword name="Add" message="$(string.keyword_Add)" mask="0x2"/>
<keyword name="Multiply" message="$(string.keyword_Multiply)" mask="0x4"/>
</keywords>
<events>
<event value="1" version="0" level="win:Informational" message="$(string.event_Clear)" keywords="Clear" task="Clear"/>
<event value="4" version="0" level="win:Informational" keywords="Clear" task="Clear_Completed"/>
<event value="2" version="0" level="win:Informational" message="$(string.event_Add)" keywords="Add" task="Add" template="AddArgs"/>
<event value="5" version="0" level="win:Informational" keywords="Add" task="Add_Completed" template="Add_CompletedArgs"/>
<event value="3" version="0" level="win:Informational" message="$(string.event_Multiply)" keywords="Multiply" task="Multiply" template="MultiplyArgs"/>
<event value="6" version="0" level="win:Informational" keywords="Multiply" task="Multiply_Completed" template="Multiply_CompletedArgs"/>
</events>
<templates>
<template tid="AddArgs">
<data name="x" inType="win:Int32"/>
<data name="y" inType="win:Int32"/>
</template>
<template tid="Add_CompletedArgs">
<data name="" inType="win:Int32"/>
</template>
<template tid="MultiplyArgs">
<data name="x" inType="win:Int32"/>
<data name="y" inType="win:Int32"/>
</template>
<template tid="Multiply_CompletedArgs">
<data name="" inType="win:Int32"/>
</template>
</templates>
</provider>
</events>
</instrumentation>
<localization>
<resources culture="en-US">
<stringTable>
<string id="event_Add" value="Add %1 %2"/>
<string id="event_Clear" value="Clear"/>
<string id="event_Multiply" value="Multiply %1 %2"/>
<string id="keyword_Add" value="Add"/>
<string id="keyword_Clear" value="Clear"/>
<string id="keyword_Multiply" value="Multiply"/>
</stringTable>
</resources>
</localization>
</instrumentationManifest>
Note how the metadata that we added to our interface is automatically output as part of the manifest.
You save this data to a file (icalculatoreventsource.man) and register it with wevtutil.exe:
wevtutil.exe install-manifest icalculatoreventsource.man
Then your provider will show up as a built-in provider on the given system.