Data Access Tracing (Windows 8)

  • Article

Beginning in Windows 8, it is easier to enable and disable data access tracing and you can enable tracing without restarting the WDAC application. The output file also has more useful tracing points, and is easier to read. See Data Access Tracing (Legacy) for the data access tracing procedure that was available prior to Windows 8.

Data Access Tracing in Windows 8

Tracing an Application

To prepare to trace an application called c:\temp\abc.exe, type the following commands in an elevated PowerShell console:

  1. For each computer that you will use to trace an application, Create a user-defined Data Collector Set (DCS) by importing the DCS template with the command:

    $WinPath = [System.Environment]::GetFolderPath("Windows")
logman import WDAC_BidTrace -xml "$WinPath\PLA\Templates\WDAC_Diagnostics.xml" –u domain\UserName *

    Warning

    Not specifying -u makes a DCS runs under the SYSTEM account, which can be a security risk.

  2. In a PowerShell console, start tracing by typing:

    Import-Module Wdac
$bidObj = Enable-WdacBidTrace -Path "c:\temp\abc.exe" -Platform 64-bit -PassThru
logman start WDAC_BidTrace

    For more information, see logman.

  3. End tracing by typing:

    logman stop WDAC_BidTrace
Disable-WdacBidTrace $bidObj

    The log will be saved to a location similar to the following path:

    C:\PerfLogs\machineName_Date-Index\WDAC_Diagnostics.etl

  4. Dump the contents of the log by typing:

    TraceRPT /y C:\PerfLogs\machineName_Date-Index\WDAC_Diagnostics.etl /of CSV

Dynamic Tracing Configuration

In Windows 7, BID tracing can only be enabled before the WDAC module is loaded (usually at process startup). However, this might not be possible to restart an application, or to reload a module, for diagnostic purposes (for example, for a long-running server application or a problem that might not occur after a restart). You can use exactly the same procedure as mentioned above to enable BID tracing for a running application. The trace log will contain trace events that occur after you enable tracing. Trace events that occur before you enable the tracing will not appear in the trace log. There is no performance impact if tracing is not enabled or after tracing ends.

Dynamic loading is supported for the following components:

Component

BID Provider Name

ODBC Driver Manager (odbc\core\dm)

ODBC.1

SQL ODBC Driver (sqlinterfaces\odbc\drivers\sqlsrvr)

SQLSRV32.1

ODBC BCP (sqlinterfaces\odbc\drivers\odbcbcp)

odbcbcp.1

DBNetLib (sqlinterfaces\netlibs\nt\ssock\src)

DBNETLIB.1

OleDB Core Service (oledb\src)

OLEDB.1

SQL OleDB Provider (sqlinterfaces\sqloledb\src)

SQLOLEDB.1

Kagera (sockeye\drivers\kagera)

MSDASQL.1

OleDB Cursor Engine (rds\ce)

MSADCE.1

OleDB Persistence Services (rds\persist)

MSDAPRST.1

ADO Core (ado\src\adodb)

ADODB.1

ADOX (ado\src\adox)

MSADOX.1

ADO MD (ado\src\adomd)

ADOMD.1

Msdart (shared\msdart\src\core)

MSDART.1

OleDB helper DLL (shared\msdatl\src)

MSDATL3.1

ADO Data Object Rowset Helper (ado\src\rwsthlpr)

RowsetHelper.1

More About the Data Collector Set Template

Beginning in Windows 8, you are not required to download a control file. Instead, you will create a data collector set (DCS) based on the DCS template WDAC_Diagnostics.xml which can be found in C:\Windows\PLA\Templates. The DCS template is simply a XML file that defines a sample DCS. The DCS template specifies ETW providers to enable, and their default detailed trace level.

Create a User-Defined DCS

You can create a user-defined DCS by importing the DCS template with the command:

$WinPath = [System.Environment]::GetFolderPath("Windows")
logman import WDAC_BidTrace -xml "$WinPath\PLA\Templates\WDAC_Diagnostics.xml"

You can also use Performance Monitor to define the new DCS:

  1. Start Performance Monitor from Control Panel->Administrator Tools.

  2. Right click Data Collector Sets -> User Defined.

  3. Click New -> Data Collector Set.

  4. Type a name for the DCS, such as WDAC_BidTrace.

  5. Select Create from a template (Recommended) and click Next.

  6. Select WDAC Diagnostics as the template to use and click Next.

  7. Select a location to store the log file, or accept the default location and click Finish.

Set the Verbose Level

Select a user-defined DCS in the left pane of Performance Monitor, right click WDAC Diagnostics in the right pane, and select Properties. The WDAC Diagnostics Properties dialog box will display. When you select a provider, for example ADODB.1, you can use the Keyword(Any) property to set the verbose level of trace. This property is interpreted as a bit mask.

WDAC Diagnostics Properties dialog box

For all WDAC components, the meanings of various bit masks in this property are:

Bit Mask

Description

0x0000007F

The default value. Trace common diagnostics information and API level trace information.

0x00000080

Trace advanced diagnostics messages, like OLEDB properties.

0x00001000

Trace pooling diagnostics information.

0x00040000

Trace TDS package contents.

This Keyword(Any) property is a bit mask. You need to do a bitwise-OR operation to do use-defined tracing, for example:

  1. If you want to trace both common and advanced diagnostics information, use 0x000000FF.

  2. If you want to trace both common and pooling diagnostics information, use 0x0000107F.

  3. If you want to trace all diagnostics information, use 0x000410FF.

You can also create another user-defined DCS with a different detail level setting. For example, you can create a DCS named WDAC_BidTrace_Adv that imports the WDAC Diagnostics template and set a more verbose detail level in the new DCS, not changing the original WDAC_BidTrace DCS.

Note

For third party driver and providers, Keyword(Any) usage is driver or provider specific; developers should refer to the documentation for the third party driver or provider.

Setting the DCS Output Directory

Right click a user-defined DCS in the left pane of Performance Monitor and select Properties. This will display the properties dialog box for the DCS. In the Directory tab, you can configure the output directory of the log file.

WDAC DCS Properties dialog box

More about Configuring BID Trace with PowerShell Commands

You can start or stop data access tracing with PowerShell commands:

  • Get-WdacBidTrace (get the current setting of the data access trace)

  • Enable-WdacBidTrace (start the data access trace)

  • Disable-WdacBidTrace (stop the data access trace)

There are different tracing modes that configure the application and the process for tracing.

Mode

Parameters

Description

Application and Process ID

-Path "C:\temp\abc.exe" -ProcessId 1234

Tracing is enabled for the specified process of the application. You must specify the full path of the application.

Application

-Path "C:\temp\abc.exe"

Tracing is enabled for the application. You must specify the full path of the application.

Applications in a Folder (Directory)

-Folder "C:\temp"

Tracing is enabled for all applications (*.exe) in the folder but not for applications in subdirectories of the specified folder.

All WDAC Applications

-IncludeAllApplications

Tracing is enabled for all WDAC applications.

For more information about the WDAC PowerShell commands, see Windows Data Access Components PowerShell Commands.