PKTMON_EVT_STREAM_METADATA - NtDoc

Native API online documentation, based on the System Informer (formerly Process Hacker) phnt headers 
// pktmonnpik.h

typedef struct _PKTMON_EVT_STREAM_METADATA {
  UINT64        PktGroupId;
  UINT16        PktCount;
  UINT16        AppearanceCount;
  UINT16        DirectionName;
  UINT16        PacketType;
  UINT16        ComponentId;
  UINT16        EdgeId;
  UINT16        FilterId;
  UINT32        DropReason;
  UINT32        DropLocation;
  UINT16        ProcNum;
  LARGE_INTEGER TimeStamp;
} PKTMON_EVT_STREAM_METADATA;
View the official Windows Driver Kit DDI reference

NtDoc

No description available.

Edit description on GitHub

Windows Driver Kit DDI reference (ns-pktmonnpik-pktmon_evt_stream_metadata)

Description

The PKTMON_EVT_STREAM_METADATA structure contains metadata information used for event streaming.

Members

PktGroupId

Group Id for packets belonging to the same processor.

PktCount

The number of packets.

AppearanceCount

Packet Count belonging to the same Net Buffer List.

DirectionName

Enum value of PKTMON_DIRECTION. Specifies the direction for which the packet was reported.

PacketType

Packet Payload type as PKTMON_PACKET_TYPE.

ComponentId

ID of the component that reported the packet.

EdgeId

Edge ID of the component boundary from which packet was reported. An edge represents a pair of entry and exit points.

FilterId

The filter identifier.

DropReason

Packet drop reason code, defined in the PKTMON_DROP_REASON enum.

DropLocation

Packet drop location defined in the PKTMON_DROP_LOCATION enum.

ProcNum

Processor number when the packet was reported.

TimeStamp

Timestamp when the packet was reported. This is retrieved using KeQuerySystemTime.

Remarks

For more information, see the PacketMonitorCreateRealtimeStream function.

See also

View the official Windows Driver Kit DDI reference

Edit description on GitHub