October 2009
Intermediate to advanced
1760 pages
93h 25m
English
Administrators, developers, and technical support personnel use event monitoring for gathering information about the state of the hardware, the software, and the system, as well as to monitor security events. To provide these users with useful information, you need to give an event the right level or severity, raise it to the appropriate log, provide it with the correct attributes, and give it a useful and actionable message.
Prior to Windows Vista, the Windows Event Log API and ETW were separate components. The Windows Event Log API published events in event logs, such as the System and Application event logs, while ETW could be used to start event tracing sessions for detailed troubleshooting ...