OpenTraceFromBufferStream function (evntrace.h)

Creates a trace processing session that is not directly attached to any file or active session.

Syntax

ETW_APP_DECLSPEC_DEPRECATED PROCESSTRACE_HANDLE WMIAPI OpenTraceFromBufferStream(
  const ETW_OPEN_TRACE_OPTIONS    *Options,
  PETW_BUFFER_COMPLETION_CALLBACK BufferCompletionCallback,
  void                            *BufferCompletionContext
);

Parameters

Options

Configuration options for this processing session. See ETW_OPEN_TRACE_OPTIONS for more details

BufferCompletionCallback

When the processing session is done with a buffer passed in from ProcessTraceAddBufferToBufferStream, it will invoke this callback to allow for any freeing or other cleanup that may be required for that buffer.

BufferCompletionContext

User-provided context that will be passed to the BufferCompletionCallback.

Return value

A TRACEHANDLE that is used to identify this processing session. Typically passed to ProcessTrace to begin processing and to CloseTrace to end processing.

Remarks

The caller is expected to supply the data for the trace by calling ProcessTraceAddBufferToBufferStream. This is typically used for remote real-time trace processing: a remote system uses OpenTraceFromRealTimeLogger and ProcessTrace with a BufferCallback that sends buffers over the network to a local system, then the local system calls OpenTraceFromBufferStream and ProcessTrace, receives buffers from the network and feeds them to the local trace processor using ProcessTraceAddBufferToBufferStream.

This processing mode requires that the buffers be provided in the same order that the buffers were received from ProcessTrace (for example, the first buffer contains header information and subsequent buffers are ordered by flush time). The only supported means to generate buffers in this way is from the BufferCallback from another OpenTraceFromBufferStream, OpenTraceFromFile, OpenTraceFromRealTimeLogger, OpenTraceFromRealTimeLoggerWithAllocationOptions processing session.

Requirements

Requirement Value
Minimum supported client Windows 11 2022 Update
Minimum supported server Windows Server 2022
Target Platform Windows
Header evntrace.h
Library Advapi32.dll
DLL Sechost.dll on Windows 8.1 and Windows Server 2012 R2; Advapi32.dll on Windows 8, Windows Server 2012, Windows 7, Windows Server 2008 R2, Windows Server 2008, Windows Vista and Windows XP