Decode ETL trace file in non Windows OS

  • Question

  • Hi All,

    Is there a method available to decode the ETL file (ETW output file) in a non-Windows OS such as Linux or Android? Is it possible?

    Thanks,

    Vijayan.

    Monday, December 1, 2014 9:26 AM

Answers

  • As far as I know there is nothing being shipped that does this. Microsoft does distribute the source of some of the tracing tools as part of the SDK; it might be possible to use that as inspiration to develop your own tool.


    Don Burn Windows Filesystem and Driver Consulting Website: http://www.windrvr.com

    Monday, December 1, 2014 1:00 PM

All replies

  • On Windows, you can use the Trace Data Helper (TDH) APIs, as documented here. I know that isn't what you're asking for, but it may give you some insight on how to manipulate the files on other operating systems.

     -Brian


    Azius Developer Training www.azius.com Windows device driver, internals, security, & forensics training and consulting. Blog at www.azius.com/blog

    Monday, December 1, 2014 9:07 PM
    Moderator