On Thu, Oct 14, 2021, at 17:41, Frank Wayne wrote: > On Wed, Oct 13, 2021, at 18:16, Jason A. Donenfeld wrote: > > Event Logging appears to be rather slow and clunky [...]
In fact, Windows Event Logging has two APIs: ETW and WPP. The ETW API is, indeed, slow and clunky. However, the WPP API is very high-performance. The trace function in Windows native TCP stack is implemented with WPP. If someone like Frank has the time and ability, they could check this MSDN documentation and try to implement it: https://docs.microsoft.com/en-us/windows-hardware/drivers/devtest/wpp-software-tracing However, I also think this feature is *not* a prioritized task, at least for average users. I am not sure if I get Jason's idea: Is current Wireguard driver using a ring buffer of 2,048 messages for logging? I am not sure if it has a notify mechanism: Otherwise, the userspace collector will have to poll the logs. Polling too fast consumes power, polling too slow may skip messages. Best wishes, StarBrilliant
