locked
TraceLog.exe and TraceFmt.exe distributable? RRS feed

  • Question

  • Hi experts,

    I tried to read the WDK license file but found no exact answer.

    Regarding following “Software Tracing” tools listed on this URL: http://msdn.microsoft.com/en-us/library/ff552961(VS.85).aspx 
    • TraceViiew.exe
    • TraceLog.exe
    • TraceFmt.exe
    • DbgHelp.dll 
    Can they freely distributed into our product package so that we can programmingly collect log at customer’s machine?

    Thank you very much.
    Peter.


    Monday, January 3, 2011 9:19 AM

Answers

  • You might want to check the SDK archives at https://dev.windows.com/en-us/downloads/sdk-archive   If you modify the sources you may freely redistribute them, I have shipped customized versions that have the GUID hardcoded.


    Don Burn Windows Driver Consulting Website: http://www.windrvr.com

    Sunday, March 6, 2016 7:00 PM
  • Some of these tools are provided with the OS, in particular tracelog and tracefmt are provided with older OS'es and tracerpt replaces them in newer systems.  Also, tracelog and tracefmt sources are available in the SDK, so if you modify them (for instance change the name) they can be distributed.  These tools were packaged from the begining on the idea that users would need them.

    As far as I know Traceview is only with the WDK and is not redistributable. 


    Don Burn (MVP, Windows DKD) Windows Filesystem and Driver Consulting Website: http://www.windrvr.com Blog: http://msmvps.com/blogs/WinDrvr
    • Proposed as answer by Don Burn [Windrvr] Monday, January 3, 2011 1:19 PM
    • Marked as answer by peter..._ Tuesday, January 4, 2011 3:28 AM
    Monday, January 3, 2011 1:19 PM

All replies

  • Some of these tools are provided with the OS, in particular tracelog and tracefmt are provided with older OS'es and tracerpt replaces them in newer systems.  Also, tracelog and tracefmt sources are available in the SDK, so if you modify them (for instance change the name) they can be distributed.  These tools were packaged from the begining on the idea that users would need them.

    As far as I know Traceview is only with the WDK and is not redistributable. 


    Don Burn (MVP, Windows DKD) Windows Filesystem and Driver Consulting Website: http://www.windrvr.com Blog: http://msmvps.com/blogs/WinDrvr
    • Proposed as answer by Don Burn [Windrvr] Monday, January 3, 2011 1:19 PM
    • Marked as answer by peter..._ Tuesday, January 4, 2011 3:28 AM
    Monday, January 3, 2011 1:19 PM
  • Thank you very much Don.

    Following your guidance, I can now collect .etl using OS built-in 'logman.exe' and convert .etl to readable text file using 'tracerpt.exe' under Win7; however, the 'tracerpt' in XP can not convert .etl to .text and this is a requirement for us to utilizing WPP.

    So I tried to find the tracelog and tracefmt source in SDK but did not see them in my VC 2005. So could you please help me again in which SDK can i see the source of those two programs?

     

    Really appreciate your help!

    Tuesday, January 4, 2011 3:11 AM
  • After some search, I think the SDK sample can be found under the title "Event Tracing Samples".

    I will study them.

     

    Again, thank you very much Don!

    Tuesday, January 4, 2011 4:05 AM
  • Peter, what was you approach after all ? I saw in some samples I got (don't exactly know from what SDK, because on my VS10 installation couldn't find them) that tracelog has sources indeed.

    I need to have at least tracelog and tracefmt so that the client can decode traces to text under XP also. Traceview would be nice to have also as redistributable.

    Wednesday, April 18, 2012 9:49 AM
  • Peter, what was you approach after all ? I saw in some samples I got (don't exactly know from what SDK, because on my VS10 installation couldn't find them) that tracelog has sources indeed.

    I need to have at least tracelog and tracefmt so that the client can decode traces to text under XP also. Traceview would be nice to have also as redistributable.

    Hi, I end up implementing my own 'TraceLog' using OpenTrace/ProcessTrace/StopTrace APIs. They are well documented on MSDN can are supported on Win2k. There is a new set of TDH (Trace Data Helper) APIs (eg: TdhFormatProperty) but only for Vista and laters. The tool also support boot-time-logging for our drivers.

    I gave up implementing 'TraceFmt' since it's very hard to figure out various internal/undocumented structures of various 'WPP extended format specification string". 

    So, we can now only programmingly collect .ETL log and convert it to text locally using TraceFmt..

    Wednesday, April 18, 2012 10:42 AM
  • The samples are in the platform SDK.  But you should not need to redistribute them, they are shipped with the system take a look in the system directory.


    Don Burn Windows Filesystem and Driver Consulting Website: http://www.windrvr.com Blog: http://msmvps.com/blogs/WinDrvr

    Wednesday, April 18, 2012 10:47 AM
  • I gave up implementing 'TraceFmt' since it's very hard to figure out various internal/undocumented structures of various 'WPP extended format specification string". 

    So, we can now only programmingly collect .ETL log and convert it to text locally using TraceFmt..

    So basically you don't use WPP anymore (only your custom ETW logging?) since you don't have to interpret the undocumented structures from WPP ?
    Wednesday, April 18, 2012 12:17 PM
  • tracelog.exe and tracefmt.exe are not found on my Win7 instalation (also saw they are nt present on XP machines SP3)

    Only one that is present is tracerpt, and from what I see it is only used to generate reports based on *.etl files. I also need the ability to start the session and to save the *.etl/resulting txt file.

    Wednesday, April 18, 2012 12:43 PM
  • tracelog.exe and tracefmt.exe are not found on my Win7 instalation (also saw they are nt present on XP machines SP3)

    Only one that is present is tracerpt, and from what I see it is only used to generate reports based on *.etl files. I also need the ability to start the session and to save the *.etl/resulting txt file.

    Windows 7 comes with logman.exe, which is able to start and stop trace http://msdn.microsoft.com/en-us/magazine/cc163437.aspx

    -- Antti

    Wednesday, April 18, 2012 3:18 PM
  • Looks like I come to the thread after it was left by everybody long time ago but hopes die last and maybe someone could hear me.

    I have read the whole thread and apparently see no answer for the original question although I am very interested to know it too.

    I would like to use WPP tracing in a product but its using may represent serious pain without ability to freely use tracelog and tracefmt utilities. So is there any legal way to use them?

    Specifically regarding the points touched in the thread:

    -- I do not see tracelog/tracefmt installed with OS in Windows 7/8/10;

    -- As far as I see, tracerpt does not replace them (and I do not see anything close to tracelog abilities in it);

    -- I cannot find tracelog/tracefmt source code in vast amount of various Windows kits I have collected.

    So is there any way to find required (i.e. the source samples or reference to a redistribution permission)? Or is this not available?

    Sunday, March 6, 2016 6:43 PM
  • You might want to check the SDK archives at https://dev.windows.com/en-us/downloads/sdk-archive   If you modify the sources you may freely redistribute them, I have shipped customized versions that have the GUID hardcoded.


    Don Burn Windows Driver Consulting Website: http://www.windrvr.com

    Sunday, March 6, 2016 7:00 PM
  • Thanks a lot for the prompt reply.

    I checked the archive and I think I indeed found something close although I would not call this exactly tracelog and tracefmt source code. I must say that I found any samples related to this utilities only in "Windows Server 2008 and .NET Framework 3.5" SDK (6.0.6001.18000.367-KRMSDK_EN.iso). After this SDK is installed, folder "%ProgramFiles%\Microsoft SDKs\Windows\v6.1\Samples\WinBase\eventtrace" can be found with some samples and specifically TraceLog and tracedmp.

    The TraceLog is far not a source code to tracelog utilities distributed with DDKs. A lot of options is missing although the most basics one are indeed demonstrated. Very easy and quick additions bring the sample to a practical ability to collect reasonable traces (-flag, -seq/circ/newfile).

    Regretfully, the tracedmp is not tracefmt in any sense. Nevertheless, it demonstrated the way to extract messages and headers from a binary trace file (etl). This information is likely sufficient to implement a variety of tracefmt although not quick and easy. Also, analyzing this sample, I could not figure out where I get the processor ID tracefmt prints from.

    I could not find anything else closer than the samples are. Nevertheless, I find these pretty valuable to start dealing with "private" tracelog/tracefmt implementations. The true source code could be more valuable though.

    Thank you very much Don. Your information indeed helped me a lot.

    Constantine.

    Wednesday, March 9, 2016 11:48 AM
  • @MS: could your consider "open-sourcing" these tracing tools or samples on github, so that active users could contribute?

    -- pa

    Wednesday, March 9, 2016 12:29 PM