Home > Forums > Logparser Forums > Output Targets > Seems that ETW-live works only with NAT

Thread: Seems that ETW-live works only with NAT

Last post 08-06-2009 7:56 AM by suhanovsergey. 0 replies.

Average Rating Rate It (5)Thank you for the rating!

RSS

Page 1 of 1 (1 items)

Sort Posts:

Shortcuts

Search | Active Posts | Unanswered Posts | View all users

08-06-2009, 7:56 AM

suhanovsergey
Joined on 08-06-2009, 5:09 AM
Posts 3

Seems that ETW-live works only with NAT

Reply Contact

Hello, I want to dump events from live ETW session into XML file at realtime. Another tool is going to parse this file as it is being written. I tried this command: "LogParser "SELECT * INTO out.xml FROM ExampleTrace" -i:ETW -o:XML". That created zero-size file 1.xml and the file was empty even after I had interrupted LogParser with Ctrl+C. I would be pretty ok with any other text-based output format but I couldn't make any output format work as I want. It seems that ETW-live input work ok only with NAT output with default options (-rtp:10) which makes it useless for realtime dumping purposes. "LogParser "SELECT * FROM ExampleTrace" -i:ETW" works OK, "LogParser "SELECT * FROM ExampleTrace" -i:ETW -rtp:-1" does nothing. Of course there is a workaround: use LogQuery and write the data however/whereever I want. Is it a bug or I am doing something wrong?

Page 1 of 1 (1 items)