getMapInfo always returns (nil, nil) #4
Comments
|
Hi! It's great to hear that it can be useful for the community! As you could see in MS docs and examples (e.g. https://docs.microsoft.com/en-us/windows/win32/etw/using-tdhgetproperty-to-consume-event-data) So if events you are interested in do not have such mappings As for your problem: we could think about an option like Sadly, I'm unsure about how difficult it can be in the current code, so I can't offer you an estimate of any kind. But. If you can hack through the code and check (or even confirm using docs/examples) whether we could just disable it without losing the possibility to get events with map information, it would surely help us to add the changes asap |
|
Hi, I spent a good deal of time looking and unfortunately was unable to find any confirmation that |
Hi, first off, thank you for making such a useful library.
I noticed an issue where
*event.EventProperties()was taking 2-5 milliseconds to return and causing high CPU usage. It appears that this is caused by the call toTdhGetEventMapInformationingetMapInfoin event.go. This function appears to always returnwindows.ERROR_NOT_FOUND, but only after doing some work for ~1 millisecond on my machine. This function is called multiple times for each call toEventProperties(). Is this a bug? I am running x64 Windows 10, version 1909 with x86_64-w64-mingw32-gcc version 8.1. Any information you can provide would be appreciated.The text was updated successfully, but these errors were encountered: