事件跟踪 MOF 类
类在 \root\wmi 命名空间中定义。 内核事件的 EventVersion 限定符将 类与特定操作系统相关联。 例如,版本 0 与 Windows 2000 相关联,版本 1 与 Windows XP 和 Windows Server 2003 相关联,版本 2 与 Windows Vista 相关联。
以下 MOF 类定义 ETW 事件类。
以下 MOF 类定义内核事件类。
- ALPC
- ALPC_Receive_Message
- ALPC_Send_Message
- ALPC_Unwait
- ALPC_Wait_For_New_Message
- ALPC_Wait_For_Reply
- CSwitch
- DPC
- DiskIo
- DiskIo_TypeGroup1
- DiskIo_TypeGroup2
- DiskIo_TypeGroup3
- DriverCompleteRequest
- DriverCompleteRequestReturn
- DriverCompletionRoutine
- DriverMajorFunctionCall
- DriverMajorFunctionReturn
- FileIo
- FileIo_Create
- FileIo_DirEnum
- FileIo_Info
- FileIo_Name
- FileIo_OpEnd
- FileIo_ReadWrite
- FileIo_SimpleOp
- FileIo_V0
- FileIo_V0_Name
- FileIo_V1
- FileIo_V1_Name
- HWConfig
- HWConfig_CPU
- HWConfig_LogDisk
- HWConfig_NIC
- HWConfig_PhyDisk
- 映像
- Image_Load
- Image_V0
- Image_V0_Load
- Image_V1
- Image_V1_Load
- ISR
- PageFault_V2
- PageFault_HardFault
- PageFault_ImageLoadBacked
- PageFault_TypeGroup1
- PerfInfo
- 进程
- Process_TypeGroup1
- Process_V0
- Process_V0_TypeGroup1
- Process_V1
- Process_V1_TypeGroup1
- Process_V2
- Process_V2_TypeGroup1
- Process_V2_TypeGroup2
- ReadyThread
- 注册表
- Registry_TypeGroup1
- Registry_V0
- Registry_V0_TypeGroup1
- Registry_V1
- Registry_V1_TypeGroup1
- SampledProfile
- SplitIo
- SplitIo_Info
- SysCallEnter
- SysCallExit
- SystemConfig
- SystemConfig_CPU
- SystemConfig_IDEChannel
- SystemConfig_IRQ
- SystemConfig_LogDisk
- SystemConfig_Network
- SystemConfig_NIC
- SystemConfig_PhyDisk
- SystemConfig_PnP
- SystemConfig_Power
- SystemConfig_Services
- SystemConfig_Video
- SystemConfig_V0_CPU
- SystemConfig_V0_LogDisk
- SystemConfig_V0_NIC
- SystemConfig_V0_PhyDisk
- SystemConfig_V0_Power
- SystemConfig_V0_Services
- SystemConfig_V0_Video
- TcpIp
- TcpIp_Fail
- TcpIp_SendIPV4
- TcpIp_SendIPV6
- TcpIp_TypeGroup1
- TcpIp_TypeGroup2
- TcpIp_TypeGroup3
- TcpIp_TypeGroup4
- TcpIp_V0
- TcpIp_V0_TypeGroup1
- TcpIp_V1
- TcpIp_V1_TypeGroup1
- 线程
- Thread_TypeGroup1
- Thread_V0
- Thread_V0_TypeGroup1
- Thread_V1
- Thread_V1_TypeGroup1
- Thread_V1_TypeGroup2
- Thread_V2
- Thread_V2_TypeGroup1
- UdpIp
- UdpIp_Fail
- UdpIp_TypeGroup1
- UdpIp_TypeGroup2
- UdpIp_V0
- UdpIp_V0_TypeGroup1
- UdpIp_V1
- UdpIp_V1_TypeGroup1