Win32_ProcessTrace class
The Win32_ProcessTrace event WMI class is the base event for process events.
The following syntax is simplified from Managed Object Format (MOF) code and includes all of the inherited properties. Properties and methods are in alphabetic order, not MOF order.
Syntax
class Win32_ProcessTrace : Win32_SystemTrace
{
uint4 PageDirectoryBase;
uint32 ParentProcessID;
uint32 ProcessID;
string ProcessName;
uint8 SECURITY_DESCRIPTOR[];
uint32 SessionID;
uint8 Sid[];
uint8 TIME_CREATED;
};
Members
The Win32_ProcessTrace class has these types of members:
Properties
The Win32_ProcessTrace class has these properties.
- PageDirectoryBase
-
- Data type: uint4
- Access type: Read-only
Identifies the process page directory base.
- ParentProcessID
-
- Data type: uint32
- Access type: Read-only
Process that starts an event.
- ProcessID
-
- Data type: uint32
- Access type: Read-only
Process in an event. This property is inherited from Win32_ProcessTrace.
- ProcessName
-
- Data type: string
- Access type: Read-only
Name of the process. You can use this name to get the instance of Win32_Process for the same process.
- SECURITY_DESCRIPTOR
-
- Data type: uint8 array
- Access type: Read-only
Descriptor used by the event provider to determine the users who can receive the event. This property is inherited from __Event.
Note A NULL access control list (ACL) in the SECURITY_DESCRIPTOR grants unlimited access to everyone all of the time. For more information, see Creating a Security Descriptor for a New Object.
- SessionID
-
- Data type: uint32
- Access type: Read-only
Session under which the process exists.
- Sid
-
- Data type: uint8 array
- Access type: Read-only
Security identifier (SID) of the user context under which the event happens. This property is inherited from Win32_ProcessTrace
- TIME_CREATED
-
- Data type: uint8
- Access type: Read-only
Unique value that indicates the time the event was generated. This property is inherited from __Event.
Remarks
The Win32_ProcessTrace class is derived from Win32_SystemTrace.
Examples
For script code examples, see WMI Tasks for Scripts and Applications and the TechNet ScriptCenter Script Repository.
For C++ code examples, see WMI C++ Application Examples.
Requirements
|
Minimum supported client | Windows XP [desktop apps only] |
|---|---|
|
Minimum supported server | Windows Server 2003 [desktop apps only] |
|
Namespace |
\root\CIMV2 |
|
MOF |
|
|
DLL |
|
See also
Send comments about this topic to Microsoft
Build date: 11/19/2012
