WPA没有看到ETW事件数据,tracerpt确实如此
问题描述:
我正在捕获ADO.Net诊断ETW,如Data Access Tracing in SQL Server 2008中所述。该安装方法的效果,一个ETL生成文件,我可以看到的ADO.Net跟踪如果我使用,也就是说,tracerpt:WPA没有看到ETW事件数据,tracerpt确实如此
System.Data, TextA, 0, 0, 0, 0, 17, 0, 0x0000000000000000, 0x000007D0, 0x00003A64, 1, , , {00000000-0000-0000-0000-000000000000}, , 131485096603462277, 450, 2400, 2, "enter_01 <prov.DbConnectionHelper.CreateDbCommand|API> 1# "
System.Data, TextA, 0, 0, 0, 0, 17, 0, 0x0000000000000000, 0x000007D0, 0x00003A64, 1, , , {00000000-0000-0000-0000-000000000000}, , 131485096603469806, 450, 2400, 2, "<sc.SqlCommand.set_Connection|API> 1#, 1# "
System.Data, TextA, 0, 0, 0, 0, 17, 0, 0x0000000000000000, 0x000007D0, 0x00003A64, 1, , , {00000000-0000-0000-0000-000000000000}, , 131485096603469816, 450, 2400, 2, "leave_01 "
System.Data, TextA, 0, 0, 0, 0, 17, 0, 0x0000000000000000, 0x000007D0, 0x00003A64, 1, , , {00000000-0000-0000-0000-000000000000}, , 131485096603471294, 450, 2400, 2, "<sc.SqlCommand.set_CommandText|API> 1#, '"
System.Data, TextA, 0, 0, 0, 0, 17, 0, 0x0000000000000000, 0x000007D0, 0x00003A64, 1, , , {00000000-0000-0000-0000-000000000000}, , 131485096603474160, 450, 2400, 2, "select cast(serverproperty('EngineEdition') as int)"
System.Data, TextA, 0, 0, 0, 0, 17, 0, 0x0000000000000000, 0x000007D0, 0x00003A64, 1, , , {00000000-0000-0000-0000-000000000000}, , 131485096603474174, 450, 2400, 2, "' "
System.Data, TextA, 0, 0, 0, 0, 17, 0, 0x0000000000000000, 0x000007D0, 0x00003A64, 1, , , {00000000-0000-0000-0000-000000000000}, , 131485096603523068, 450, 2400, 2, "<sc.SqlCommand.ExecuteReader|INFO> 1#, Command executed as SQLBATCH. "
但如果我同一个ETL装入WPA我看到一无所知捕获的事件有用。所有的这提供商显示事件Event Name<Unknown>,Event TypeClassic和有关实际ADO.Net事件信息没有资料(即在tracerpt CSV输出的最右边一列。):
Line #, Provider Name, Task Name, Type (Opcode/Type), Opcode Name, Id, Process, Annotation, Event Name, Event Type, Message, Cpu, ThreadId, Message, UserDataLength, Time (s)
1, 914abde3-171e-c600-3348-c514171de148, <Unknown>, 17, , 0, Unknown, <Not Annotated>, <Unknown>, Classic, , 3, 14056, , 0, 22.877068496
2, 914abde3-171e-c600-3348-c514171de148, <Unknown>, 17, , 0, Unknown, <Not Annotated>, <Unknown>, Classic, , 0, 14056, , 0, 22.877265256
3, 914abde3-171e-c600-3348-c514171de148, <Unknown>, 17, , 0, Unknown, <Not Annotated>, <Unknown>, Classic, , 0, 14056, , 0, 22.877275482
4, 914abde3-171e-c600-3348-c514171de148, <Unknown>, 17, , 0, Unknown, <Not Annotated>, <Unknown>, Classic, , 0, 14056, , 0, 22.877276892
5, 914abde3-171e-c600-3348-c514171de148, <Unknown>, 17, , 0, Unknown, <Not Annotated>, <Unknown>, Classic, , 0, 14056, , 0, 22.877299460
6, 914abde3-171e-c600-3348-c514171de148, <Unknown>, 17, , 0, Unknown, <Not Annotated>, <Unknown>, Classic, , 0, 14056, , 0, 22.877301223
7, 914abde3-171e-c600-3348-c514171de148, <Unknown>, 17, , 0, Unknown, <Not Annotated>, <Unknown>, Classic, , 1, 13276, , 0, 23.061972110
8, 914abde3-171e-c600-3348-c514171de148, <Unknown>, 17, , 0, Unknown, <Not Annotated>, <Unknown>, Classic, , 1, 13276, , 0, 23.061975636
9, 914abde3-171e-c600-3348-c514171de148, <Unknown>, 17, , 0, Unknown, <Not Annotated>, <Unknown>, Classic, , 1, 13276, , 0, 23.062004550
10, 914abde3-171e-c600-3348-c514171de148, <Unknown>, 17, , 0, Unknown, <Not Annotated>, <Unknown>, Classic, , 1, 13276, , 0, 23.063588859
11, 914abde3-171e-c600-3348-c514171de148, <Unknown>, 17, , 0, Unknown, <Not Annotated>, <Unknown>, Classic, , 1, 13276, , 0, 23.063617421
由于所有其他数据我捕捉我可以在WPA中进行分析,我想知道ADO.Net诊断提供程序有什么不同,这些事件对WPA来说太不透明了?
答
Windows性能分析器从注册表读取清单数据以解码事件。如果WPA无法获取数据,则只显示提供程序的GUID,对于任务名称和事件名称只显示<Unknown>。那些通过ADO跟踪的Managed Object Format (MOF) files不被WPA(传统,传统提供商)支持,但它看起来像tracerpt.exe确实支持它。
对于仅查找事件的ETL文件的原始分析,我建议Perfview。
它有自己的解析器来获得解码活动:
<Event MSec= "26176,0393" PID="11304" PName="foo" TID="8336" EventName="AdoNetDiag/TextW"
TimeStamp="09.02.17 16:47:39.338496" ID="Illegal" Version="0" Keywords="0x00000000" TimeStampQPC="1.241.241.278.025"
Level="Always" ProviderName="Bid2Etw_ADONETDIAG_ETW" ProviderGuid="7acdcac8-8947-f88a-e51a-24018f5129ef" ClassicProvider="True"
Opcode="18" TaskGuid="7acdcac9-8947-f88a-e51a-24018f5129ef" Channel="0" PointerSize="4"
CPU="1" EventIndex="1328680" TemplateType="DynamicTraceEventData">
<PrettyPrint>
<Event MSec= "26176,0393" PID="11304" PName="foo" TID="8336" EventName="AdoNetDiag/TextW" ProviderName="Bid2Etw_ADONETDIAG_ETW" ModID="0" msgStr="01:CONNECTED [526D0000]C:\Windows\Microsoft.Net\assembly\GAC_32\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll "System.Data.SNI.1" {C9996FA5-C06F-F20C-8A20-69B3BA392315}
"/>
</PrettyPrint>
所以使用WPA对CPU,磁盘,文件IO和Perfview对事件的性能分析。
我有同样的困难。仅供参考我使用微软消息分析器(https://technet.microsoft.com/en-us/library/jj649776.aspx)和它的工作(与完全相同的.etl)与一些调整 –