none
Kernel Flags RRS feed

  • Question

  • Can you point me to a good reference guide about kernel flags in kernel provider?

    Kernel Flags:
           PROC_THREAD    : Process and Thread create/delete
           LOADER         : Kernel and user mode Image Load/Unload events
           PROFILE        : CPU Sample profile
           CSWITCH        : Context Switch
           COMPACT_CSWITCH: Compact Context Switch
           DISPATCHER     : CPU Scheduler
           DPC            : DPC Events
           INTERRUPT      : Interrupt events
           SYSCALL        : System calls
           PRIORITY       : Priority change events
           ALPC           : Advanced Local Procedure Call
           PERF_COUNTER   : Process Perf Counters
           DISK_IO        : Disk I/O
           DISK_IO_INIT   : Disk I/O Initiation
           FILE_IO        : File system operation end times and results
           FILE_IO_INIT   : File system operation (create/open/close/read/write)
           HARD_FAULTS    : Hard Page Faults
           FILENAME       : FileName (e.g., FileName create/delete/rundown)
           SPLIT_IO       : Split I/O
           REGISTRY       : Registry tracing
           DRIVERS        : Driver events
           POWER          : Power management events
           NETWORKTRACE   : Network events (e.g., tcp/udp send/receive)
           VIRT_ALLOC     : Virtual allocation reserve and release
           MEMINFO        : Memory List Info
           ALL_FAULTS     : All page faults including hard, Copy on write, demand ze
    ro faults, etc.

    Thanks!
    Martin Kulov
    www.kulov.net

    VSTS MVP, MCT, MCSD, MCPD, INETA Speaker
    Monday, October 5, 2009 11:39 PM

All replies