The TraceRpt utility converts the binary data in the
event trace logs for the system into a format that you can use for
permanent database storage or other needs. This utility uses the
following syntax (the first syntax is for data stored in files, while
the second is for real-time data conversion):
TraceRpt filename [filename ...] [options]
TraceRpt -rt <session_name [session_name ...] [options]
The following list describes each of the command line arguments and options.
filename
Specifies one or more Event Trace Log (ETL) files to process.
-rt
Performs real-time processing instead of converting a file.
session_name
Specifies the session to track in real time.
-o
[filename]
Specifies the output file for the ETL data. The output is in CSV format. The default filename is dumpfile.csv.
-summary
[filename]
Specifies a summary report text file. The output is in CSV format. The default filename is summary.txt.
-report
[filename]
Specifies a text output report file for the ETL data. The default filename is workload.txt.
-config
filename
Specifies the name of a settings file that contains the required command options.
-y
Answers yes to all of the utility questions without prompting the user.
-f {XML | HTML}
Defines the output format of the report. The output format defines what you see on screen.
-of {CSV | EVTX | XML}
Specifies the dump format (the format when outputting to a file). The default output is XML.
-df
Filename
Provides a Microsoft-specific counting and reporting schema file.
-int
Filename
Specifies the name of a file to use to dump the interpreted event structure.
-rts
Places a raw time stamp in the event trace header. You can use this option with the –o option, but not with the –report or –summary options.
-tmf
Filename
Specifies the
name of a Trace Message Format (TMF) definition file. The TMF file
contains instructions for parsing and interpreting binary data. You can
discover more about the structure and contents of the TMF definition
file at http://msdn2.microsoft.com/en-gb/library/ms797950.aspx.
-tp
Value
Defines the TMF file search paths. As with any other path, you can separate multiple paths using the semicolon (;).
-i
Value
Defines the provider image path. A provider is the originator of an event log. Learn more about providers at http://msdn2.microsoft.com/en-gb/library/ms797953.aspx. The Program Database (PDB) file that matches the provider is located in the symbol server. Details of the PDB appear at http://msdn2.microsoft.com/en-gb/library/ms797956.aspx. As with any other path, you can separate multiple paths using the semicolon (;).
-pdb
Value
Defines the symbol server path. As with any other path, you can separate multiple paths using the semicolon (;).
-gmt
Converts that
Windows Software Trace Preprocessor Payload (WPP) time stamps to
Greenwich Mean Time (GMT) time. You can learn more about the WPP at http://msdn2.microsoft.com/en-gb/library/ms793164.aspx.
-rl {1 | 2 | 3 | 4 | 5}
Sets the system report level. The default level is 1. A higher report level includes more information in the report.
-lr
Creates a less restrictive report. The utility uses a best match system for events that don't match the event schema.
-export
[Filename]
Exports the event schema to a file. The default filename is Schema.MAN. You can optionally provide a different filename.
