--- Begin Message ---
Hello libpcap team,

Yes exactly each packet is an event. The layout of the event is 
https://docs.microsoft.com/en-us/windows/win32/api/evntcons/ns-evntcons-event_header
 and 
https://docs.microsoft.com/en-us/windows/win32/api/evntcons/ns-evntcons-event_header_extended_data_item.
 But we aligned this format with the ETL (serialization use by microsoft) which 
is not well documented.

Thanks in advance to take care about our request.

Have a nice day,

Sylvain 

-- 
-- 
Don't hesitate to contact us if you have questions or need assistance.

Best regards,

Airbus CERT (AiG CERT)

Airbus CERT
PGP KeyId: 527B1472
PGP Fingerprint: 8001 FDE8 84DA 90FD 6D5F D011 6B83 10FF 527B 1472

On Fri May 29 19:08:04 2020, ghar...@sonic.net wrote:
> On May 29, 2020, at 3:23 AM, Airbus CERT via tcpdump-workers <tcpdump-
> work...@lists.tcpdump.org> wrote:
> > I would like to request you to get a DTL value for the PR
> > https://github.com/the-tcpdump-group/libpcap/pull/934.
> > This PR intend to add ETW capture for libpcap.
> So is each packet an Event Tracing for Windows:
>         https://docs.microsoft.com/en-us/windows/win32/etw/event-
> tracing-portal
> record of some sort?  If so, where is the format of that record
> defined?

The information in this e-mail is confidential. The contents may not be 
disclosed or used by anyone other than the addressee. Access to this e-mail by 
anyone else is unauthorised.
If you are not the intended recipient, please notify Airbus immediately and 
delete this e-mail.
Airbus cannot accept any responsibility for the accuracy or completeness of 
this e-mail as it has been sent over public networks. If you have any concerns 
over the content of this message or its Accuracy or Integrity, please contact 
Airbus immediately.
All outgoing e-mails from Airbus are checked using regularly updated virus 
scanning software but you should take whatever measures you deem to be 
appropriate to ensure that this message and any attachments are virus free.

--- End Message ---
_______________________________________________
tcpdump-workers mailing list
tcpdump-workers@lists.tcpdump.org
https://lists.sandelman.ca/mailman/listinfo/tcpdump-workers

Reply via email to