Get-WdacBidTrace

Retrieves Built-in Diagnostics Tracing (BidTrace) for troubleshooting WDAC components.

Syntax

Parameter Set: Path
Get-WdacBidTrace [[-Path] <String>] [-AsJob] [-CimSession <CimSession>] [-Platform <String>] [-ProcessId <UInt32>] [-ThrottleLimit <Int32>] [<CommonParameters>]

Parameter Set: AllApp
Get-WdacBidTrace -IncludeAllApplications [-AsJob] [-CimSession <CimSession>] [-Platform <String>] [-ThrottleLimit <Int32>] [<CommonParameters>]

Parameter Set: Folder
Get-WdacBidTrace -Folder <String> [-AsJob] [-CimSession <CimSession>] [-Platform <String>] [-ThrottleLimit <Int32>] [<CommonParameters>]

Detailed Description

The Get-WdacBidTrace cmdlet retrieves a list of BidTrace settings for different applications.

For more information about data access tracing (BidTrace), see Data Access Tracing (Windows 8).

Parameters

-Path <String>

Gets only WDAC BidTrace settings that are associated with the specified application full path. You can use wildcard characters. The default is to return all WDAC BidTrace settings.

Aliases                       none
Required?                     false
Position?                     1
Default Value                 none
Accept Pipeline Input?        true (ByPropertyName)
Accept Wildcard Characters?   true

-ProcessId <UInt32>

Gets only WDAC BidTrace settings that are associated with the specified Process ID. The parameter ProcessId is optional. The default is to return all WDAC BidTrace settings.

Aliases                       none
Required?                     false
Position?                     named
Default Value                 none
Accept Pipeline Input?        true (ByPropertyName)
Accept Wildcard Characters?   false

-Folder <String>

Gets only WDAC BidTrace settings that are associated with the specified folder. You can use wildcard characters.

Aliases                       none
Required?                     true
Position?                     named
Default Value                 none
Accept Pipeline Input?        true (ByPropertyName)
Accept Wildcard Characters?   true

-IncludeAllApplications

Gets only WDAC BidTrace settings that are associated with 'all applications'.

Aliases                       none
Required?                     true
Position?                     named
Default Value                 none
Accept Pipeline Input?        true (ByPropertyName)
Accept Wildcard Characters?   false

-Platform <String>

The platform architecture of the WDAC BidTrace setting. Possible values are '32-bit', '64-bit' or 'All'. The default is 'All'. This is the platform architecture on the remote machine if this command is executed on a remote CIM session.

Aliases                       none
Required?                     false
Position?                     named
Default Value                 none
Accept Pipeline Input?        true (ByPropertyName)
Accept Wildcard Characters?   false

-AsJob

Aliases                       none
Required?                     false
Position?                     named
Default Value                 none
Accept Pipeline Input?        false
Accept Wildcard Characters?   false

-CimSession <CimSession>

Runs the cmdlet in a remote session or on a remote computer. Enter a computer name or a session object, such as the output of a New-CimSession or Get-CimSession cmdlet. The default is the current session on the local computer.

Aliases                       none
Required?                     false
Position?                     named
Default Value                 none
Accept Pipeline Input?        false
Accept Wildcard Characters?   false

-ThrottleLimit <Int32>

Specifies the maximum number of concurrent operations that can be established to run the cmdlet. If this parameter is omitted or a value of 0 is entered, then Windows PowerShell® calculates an optimum throttle limit for the cmdlet based on the number of CIM cmdlets that are running on the computer. The throttle limit applies only to the current cmdlet, not to the session or to the computer.

Aliases                       none
Required?                     false
Position?                     named
Default Value                 none
Accept Pipeline Input?        false
Accept Wildcard Characters?   false

<CommonParameters>

This cmdlet supports the common parameters: -Verbose, -Debug, -ErrorAction, -ErrorVariable, -OutBuffer, and -OutVariable. For more information, see about_CommonParameters (https://go.microsoft.com/fwlink/p/?LinkID=113216).

Inputs

The input type is the type of the objects that you can pipe to the cmdlet.

Outputs

The output type is the type of the objects that the cmdlet emits.

  • Microsoft.Management.Infrastructure.CimInstance#MSFT_WdacBidTrace[]

Examples

Gets all BidTrace settings for both the 32-bit and 64-bit platforms:

C:\PS>Get-WdacBidTrace

Gets the BidTrace setting for the application "C:\temp\abc.exe" and the specific settings for all of its process instances on the 32-bit platform:

C:\PS>Get-WdacBidTrace -Path "C:\temp\abc.exe" -Platform 32-bit

Gets the BidTrace setting for the application "C:\temp\abc.exe" with Process ID = 1234 on the 64-bit platform:

C:\PS>Get-WdacBidTrace -Path "C:\temp\abc.exe" -ProcessId 1234 -Platform 64-bit

Gets the BidTrace setting for the application matching the wildcard pattern "C:\*\abc.exe" on the 64-bit platform:

C:\PS>Get-WdacBidTrace -Path "C:\*\abc.exe" -Platform 64-bit

Gets the BidTrace setting for the application located inside "C:\temp" on the 32-bit platform:

C:\PS>Get-WdacBidTrace -Folder "C:\temp" -Platform 32-bit

Gets the BidTrace setting for the application located inside a folder matching the wildcard pattern "C:\t*mp" on the 32-bit platform:

C:\PS>Get-WdacBidTrace -Folder "C:\t*mp" -Platform 32-bit

Gets the BidTrace setting (applied to all 32-bit applications) on the computer:

C:\PS>Get-WdacBidTrace -IncludeAllApplications -Platform 32-bit

Saves the result in a PowerShell variable:

C:\PS>$bidArray = Get-WdacBidTrace
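
The examples above all run locally. As an added example (not part of the original reference), the following script uses the -CimSession, -Platform and -AsJob parameters described on this page to inventory BidTrace settings on several computers, for instance to check where tracing is still configured after troubleshooting. The computer names are placeholders, and the script lists all properties of the returned objects rather than assuming their names.

```powershell
# Added example: inventory WDAC BidTrace settings on several computers.
# The computer names are placeholders (assumptions), not from the original page.
$computers = 'SERVER01', 'SERVER02'

# Open one CIM session per computer; warn about and skip unreachable hosts.
$sessions = foreach ($name in $computers) {
    try {
        New-CimSession -ComputerName $name -ErrorAction Stop
    }
    catch {
        Write-Warning "Could not connect to ${name}: $($_.Exception.Message)"
    }
}

$jobs = $null
try {
    # Start one background job per session. -Platform All returns both the
    # 32-bit and the 64-bit settings as configured on the remote machine.
    $jobs = foreach ($session in $sessions) {
        Get-WdacBidTrace -CimSession $session -Platform All -AsJob
    }

    if ($jobs) {
        $settings = $jobs | Wait-Job | Receive-Job

        # Objects returned through a CIM session carry PSComputerName,
        # so the results can be counted per host.
        $settings |
            Group-Object -Property PSComputerName |
            Select-Object -Property Name, Count

        # Show every property of each setting for review.
        $settings | Format-List -Property *
    }
}
finally {
    # Clean up jobs and sessions even if a step above failed.
    if ($jobs)     { $jobs | Remove-Job -Force }
    if ($sessions) { $sessions | Remove-CimSession }
}
```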

Disable-WdacBidTrace

Enable-WdacBidTrace
