Event Tracing for Windows (ETW)

Event Tracing for Windows (ETW) provides a mechanism to trace and log events that are raised by user-mode applications and kernel-mode drivers. ETW is implemented in the Windows operating system and provides developers a versatile set of event tracing features.

Topics in this section include:

About Event Tracing for Drivers

Adding Event Tracing to Kernel-Mode Drivers

ETW Kernel-Mode Reference