EtwEventEnabled - NtDoc

Native API online documentation, based on the System Informer (formerly Process Hacker) phnt headers 
#ifndef _NTWMI_H
#if (PHNT_MODE != PHNT_MODE_KERNEL)

NTSYSAPI
BOOLEAN
NTAPI
EtwEventEnabled(
    _In_ REGHANDLE RegHandle,
    _In_ PCEVENT_DESCRIPTOR EventDescriptor
    );

#endif
#endif

View code on GitHub
// wdm.h

BOOLEAN EtwEventEnabled(
  [in] REGHANDLE          RegHandle,
  [in] PCEVENT_DESCRIPTOR EventDescriptor
);
View the official Windows Driver Kit DDI reference

NtDoc

This function is documented in Windows Driver Kit.

Edit description on GitHub

Windows Driver Kit DDI reference (nf-wdm-etweventenabled)

EtwEventEnabled function

Description

The EtwEventEnabled function verifies whether an event is enabled.

Parameters

RegHandle [in]

A pointer to the event provider registration handle, which is returned by the EtwRegister function if the event provider registration is successful.

EventDescriptor [in]

A pointer to a constant EVENT_DESCRIPTOR.

Return value

The EtwEventEnabled function returns TRUE if the event is enabled and FALSE if the event is not enabled.

Remarks

If logging an event requires additional computing, the EtwEventEnabled function can be used to determine whether the event is going to be logged, which will minimize the overhead when logging is disabled.

If the event descriptor is not available, use the EtwProviderEnabled function instead.

See also

EtwProviderEnabled

View the official Windows Driver Kit DDI reference

Edit description on GitHub