ETW Trace providers – when to use what

You may have used the Event Tracing for Windows feature, aka ETW, to debug many server-side problems related to IIS. When I first learnt about ETW and started using it, I found it to be really cool! Unfortunately there’s not a lot of documentation around using it. For example: when to use which provider…



Continuing my conversations on using tools, today I want to explain how to capture an ETW trace and parse it. Event Tracing for Windows (ETW) is a very powerful tracing mechanism built into the Windows operating system that allows you to view messages from various subsystems. This is very helpful in troubleshooting problems on the…


Debugging SSL handshake failure using network monitor – a scenario

In one of my earlier posts I explained how to use Microsoft Network Monitor to debug a networking problem. Network trace tools aren’t very useful in debugging problems when the channel is secured (HTTPS) and you need to view the data to make your conclusions. However you can still debug SSL handshake failures using network…


Using Microsoft network monitor to track down networking problems

There are a lot of software tools provided by Microsoft and written by other companies that really make the job of a support engineer easy. Without software tools, it is extremely difficult to track down software problems. Mark Russinovich is famous for the Windows tools he has written and they are widely used by Microsoft…


Capturing simultaneous network traces from client & server machine

In this blog post, I want to provide you with instructions on capturing simultaneous network traffic captures from a client system and from the web server. The captures will assist you in debugging networking related problems. Download Microsoft Network Monitor (current version 3.2): download. Instructions for capturing network traffic with Network Monitor. Note: The…