Export (0) Print
Expand All

PEF Providers

This section briefly describes the functions of the following Microsoft PEF providers that are native to Message Analyzer:

    PEF-NDIS-PacketCapture Provider

    PEF-WFP-MessageProvider

    PEF-WebProxy Provider

About Provider Manifests

Each Microsoft PEF provider has an ETW manifest that installs with Message Analyzer. A provider manifest is an XML file that specifies a formal description of the events a provider raises. It identifies the event provider, specifies the event types, and also describes the events.

A manifest can also associate its events with Keywords and Levels, which is a way to enable events and filter them as they are written for consumption:

  • Keywords — group events together that are logically related.

  • Level — indicates the severity or verbosity of an event, for example, critical, error, warning, or informational.

Tip  Keywords are different for many ETW providers. You might therefore consider consulting the community knowledge base for optimized configurations.

In addition, event consumers such as the PEF Runtime can make use of a manifest’s structured XML data to perform queries and analysis.

Manifests for all PEF providers reside in the following location:

c:\Windows\System32\

See Also

Reference

Event Manifest

Was this page helpful?
(1500 characters remaining)
Thank you for your feedback
Show:
© 2014 Microsoft