I have declared and defined a TraceLogProvider in my kernel driver along with a bunch of TraceLogging messages. The instructions for viewing those TraceLogging events in WinDbg during a live debug session are not clear. I have tried to follow instructions based on these 2 pages from MSDN.
which says I have to use
logman start TraceSession -ets -mode KernelFilter -bs 3
which I have to use to create a WPRP file to register my Trace Provider.
Right now, with my driver installed and working, logman query providers does not list my driver as a trace provider. I am also not seeing any TraceLogging events in WinDbg.
Also, if I have to register my TraceProvider using wevtutil, how do I do that during driver installation?
(Cross-posted on WDK forum on MSDN).