MOF-Klassen der Ereignisablaufverfolgung

Die Klassen werden im Namespace \root\wmi definiert. Der EventVersion-Qualifizierer für die Kernelereignisse ordnet die Klasse einem bestimmten Betriebssystem zu. Beispielsweise ist Version 0 mit Windows 2000 verknüpft, Version 1 mit Windows XP und Windows Server 2003 und Version 2 mit Windows Vista.

Die folgenden MOF-Klassen definieren die ETW-Ereignisklassen.

• EventTrace
• EventTrace_Header
• EventTraceEvent
• Lost_Event
• MSNT_SystemTrace
• RT_LostEvent

Die folgenden MOF-Klassen definieren die Kernelereignisseklassen.

• ALPC
• ALPC_Receive_Message
• ALPC_Send_Message
• ALPC_Unwait
• ALPC_Wait_For_New_Message
• ALPC_Wait_For_Reply
• CSwitch
• DPC
• DiskIo
• DiskIo_TypeGroup1
• DiskIo_TypeGroup2
• DiskIo_TypeGroup3
• DriverCompleteRequest
• DriverCompleteRequestReturn
• DriverCompletionRoutine
• DriverMajorFunctionCall
• DriverMajorFunctionReturn
• FileIo
• FileIo_Create
• FileIo_DirEnum
• FileIo_Info
• FileIo_Name
• FileIo_OpEnd
• FileIo_ReadWrite
• FileIo_SimpleOp
• FileIo_V0
• FileIo_V0_Name
• FileIo_V1
• FileIo_V1_Name
• HWConfig
• HWConfig_CPU
• HWConfig_LogDisk
• HWConfig_NIC
• HWConfig_PhyDisk
• Image
• Image_Load
• Image_V0
• Image_V0_Load
• Image_V1
• Image_V1_Load
• ISR
• PageFault_V2
• PageFault_HardFault
• PageFault_ImageLoadBacked
• PageFault_TypeGroup1
• PerfInfo
• Prozess
• Process_TypeGroup1
• Process_V0
• Process_V0_TypeGroup1
• Process_V1
• Process_V1_TypeGroup1
• Process_V2
• Process_V2_TypeGroup1
• Process_V2_TypeGroup2
• ReadyThread
• Registrierung
• Registry_TypeGroup1
• Registry_V0
• Registry_V0_TypeGroup1
• Registry_V1
• Registry_V1_TypeGroup1
• SampledProfile
• SplitIo
• SplitIo_Info
• SysCallEnter
• SysCallExit
• SystemConfig
• SystemConfig_CPU
• SystemConfig_IDEChannel
• SystemConfig_IRQ
• SystemConfig_LogDisk
• SystemConfig_Network
• SystemConfig_NIC
• SystemConfig_PhyDisk
• SystemConfig_PnP
• SystemConfig_Power
• SystemConfig_Services
• SystemConfig_Video
• SystemConfig_V0_CPU
• SystemConfig_V0_LogDisk
• SystemConfig_V0_NIC
• SystemConfig_V0_PhyDisk
• SystemConfig_V0_Power
• SystemConfig_V0_Services
• SystemConfig_V0_Video
• Tcpip
• TcpIp_Fail
• TcpIp_SendIPV4
• TcpIp_SendIPV6
• TcpIp_TypeGroup1
• TcpIp_TypeGroup2
• TcpIp_TypeGroup3
• TcpIp_TypeGroup4
• TcpIp_V0
• TcpIp_V0_TypeGroup1
• TcpIp_V1
• TcpIp_V1_TypeGroup1
• Thread
• Thread_TypeGroup1
• Thread_V0
• Thread_V0_TypeGroup1
• Thread_V1
• Thread_V1_TypeGroup1
• Thread_V1_TypeGroup2
• Thread_V2
• Thread_V2_TypeGroup1
• UdpIp
• UdpIp_Fail
• UdpIp_TypeGroup1
• UdpIp_TypeGroup2
• UdpIp_V0
• UdpIp_V0_TypeGroup1
• UdpIp_V1
• UdpIp_V1_TypeGroup1