Category : .net-traceprocessing

I am trying to programatically get the list of device drives from an ETW with the great TraceProcessing Library which is used by WPA. using ITraceProcessor processor = TraceProcessor.Create(myEtlFile, new TraceProcessorSettings { AllowLostEvents = true, AllowTimeInversion = true, }); myProcesses = processor.UseProcesses(); foreach (var process in myProcesses.Result.Processes) { foreach (var dll in process.Images) { // ..

Read more