Hypervisor Event Logging

The hypervisor provides a general mechanism for recording events within logs and exposing the resulting data, via buffers, to the root partition. Through this mechanism, the root partition can selectively collect various types of events, such as:

  • Security logs (for example, policy and rights modifications)

  • Diagnostic logs (for example, hardware or software failures)

  • Performance analysis information (for example, call traces and profiler data)

  • Self-test results

While the hypervisor defines the common framework to be used for buffers and events within buffers, the event data can be defined by particular applications.

The hypervisor implements functions that partitions can use for logging events. For more information about these functions, see Event Logging Functions.

The following sections describe the hypervisor's implementation of event logging:

Event Log Buffers

Event Log Buffer Groups

Local and Global Buffer Classes

Event Log Buffer Indices

Event Log Buffer States

Accessing Event Log Buffers

Preparing for Event Logging

Enabling and Disabling Event Logging

Logging Events into Buffers

Event Log Buffers Ready Notification

Completed Buffer Lists

Buffer Access Restrictions

Adding and Removing Buffers While Event Logging is Active

Concluding Event Logging

Event Logging Data Types

 

 

Send comments about this topic to Microsoft

Build date: 11/16/2013

Show:
Was this page helpful?
Your feedback about this content is important.
Let us know what you think.
Additional feedback?
Thank you!
We appreciate your feedback.
© 2014 Microsoft. All rights reserved.