home.social

#etw — Public Fediverse posts

Live and recent posts from across the Fediverse tagged #etw, aggregated by home.social.

  1. The three elephants that hold up logging in Windows

    We continue our series of articles on the types of endpoint data collectors, or agents as they are commonly called, and how they work. In the first article we introduced this entity and looked at the main nuances of collecting data with agents. Since our product development covers both log management and event collection, we would like to share a continuation of our extensive analysis in quickstart format. So in this installment we take a closer look at the functionality and the tools used by event sources on Windows.

    habr.com/ru/companies/security

    #Логирование #сбор_событий #eventlog #журналы_windows #журналы_событий #sysmon #event_tracing_for_windows #event_logging #event_log #etw

  2. Last blog post in my native call stack profiling series just published. This time about the work I did this year in #V8 #Windows #ETW stack walk support: blogs.igalia.com/dape/2022/12/

    In March, V8 ETW support was broken. After fixing a small regression, we could proceed with improving the readability of the traces and improving initialization. This @igalia work was sponsored by #Bloomberg.

    The overhead in V8 is very small now, making the traces more accurate. This work is available in V8 10.9.0.

    #WebPerf

  3. Just published the second blog post in my native call stack profiling series, about Event Tracing for Windows and #Chromium: blogs.igalia.com/dape/2022/11/

    #ETW is the native tracing/profiling tool in #Windows. It samples stack traces for further analysis. #V8 assists by providing information on the JIT-compiled functions, which is then available for stack walk analysis.

    Big thanks to @[email protected], for his series of blog posts about performance analysis, and for writing #UIForETW. github.com/google/UIforETW

  4. Just published: Solving #Windows Log Collection Challenges with Event Tracing nxlog.co/whitepapers/windows-e #etw

    Event Tracing for Windows (ETW) logs kernel, application and other system activity. ETW provides better data and uses fewer resources.

    I also added a section with an example of messing around with ETW for another reason to do ETW data centralization.

    This part had to be taken out though: infosec.exchange/@superruserr/

  5. A few tries at sending test #ETW events (from Microsoft-Windows-DNSServer provider) to #Splunk over Syslog. Now just need to find a scenario to show various ETW traces etc.