■ ■ ■ ■ ■ ■
docs/profiler/Get-ProfilingResults.md
| 1 | + | --- |
| 2 | + | external help file: Microsoft.Windows.Win32Isolation.ApplicationCapabilityProfiler.dll-Help.xml |
| 3 | + | Locale: en-US |
| 4 | + | Module Name: Microsoft.Windows.Win32Isolation.ApplicationCapabilityProfiler |
| 5 | + | ms.date: 05/16/2023 |
| 6 | + | online version: |
| 7 | + | schema: 2.0.0 |
| 8 | + | title: Get-ProfilingResults |
| 9 | + | --- |
| 10 | + | |
| 11 | + | # Get-ProfilingResults |
| 12 | + | |
| 13 | + | ## SYNOPSIS |
| 14 | + | Retrieves capability access information from input ETL files. |
| 15 | + | |
| 16 | + | ## SYNTAX |
| 17 | + | |
| 18 | + | ``` |
| 19 | + | Get-ProfilingResults [[-EtlFilePaths] <string[]>] [-ExeNames <string[]>] [-ManifestPath <string>] |
| 20 | + | [-RecordsOutputPath <string>] [-SummaryOutputPath <string>] [-PackageNames <string[]>] [-Quiet] [-ShowFirstParty] |
| 21 | + | [-ShowNoNameObjectFailures] [-WhatIf] [-Confirm] [<CommonParameters>] |
| 22 | + | ``` |
| 23 | + | |
| 24 | + | ## DESCRIPTION |
| 25 | + | |
| 26 | + | The Get-ProfilingResults cmdlet parses one or more specified ETL (Event Tracing for Windows) files to find access denied events for application packages and identifies capabilities that would allow the package to perform those accesses. It also outputs relevant information about the access denied events found for the packages. |
| 27 | + | |
| 28 | + | |
| 29 | + | ## EXAMPLES |
| 30 | + | |
| 31 | + | ### Example 1: Parse trace captured via Start-Profiling/Stop-Profiling and output capability access information |
| 32 | + | |
| 33 | + | Capability access information that can be matched to the application package manifest provided is automatically added to the manifest. |
| 34 | + | |
| 35 | + | ```powershell |
| 36 | + | Get-ProfilingResults -EtlFilePaths C:\Logs\trace.etl -ManifestPath C:\Path\To\MyAppXManifest.xml |
| 37 | + | ``` |
| 38 | + | |
| 39 | + | ### Example 2: Look for active trace logging session from Start-Profiling, collect trace and parse it. |
| 40 | + | |
| 41 | + | If a trace logging session is currently active, Stop-Profiling will be called to attempt to collect a trace that can be parsed. |
| 42 | + | |
| 43 | + | ```powershell |
| 44 | + | Get-ProfilingResults -ManifestPath C:\Path\To\MyAppXManifest.xml |
| 45 | + | ``` |
| 46 | + | |
| 47 | + | ### Example 3: Parse multiple traces |
| 48 | + | |
| 49 | + | ```powershell |
| 50 | + | Get-ProfilingResults -EtlFilePaths C:\Logs\trace1.etl, C:\Logs\trace2.etl |
| 51 | + | ``` |
| 52 | + | |
| 53 | + | ## PARAMETERS |
| 54 | + | |
| 55 | + | ### -EtlFilePaths |
| 56 | + | |
| 57 | + | Specifies an array of paths to the ETL files from which profiling results should be retrieved. Get-ProfilingResults require an input ETL file. If not provided, the cmdlet will attempt to stop an active trace logging session and capture an ETL file from it. |
| 58 | + | |
| 59 | + | ```yaml |
| 60 | + | Type: System.String[] |
| 61 | + | Parameter Sets: (All) |
| 62 | + | Aliases: Logs, l |
| 63 | + | |
| 64 | + | Required: False |
| 65 | + | Position: 0 |
| 66 | + | Default value: None |
| 67 | + | Accept pipeline input: False |
| 68 | + | Accept wildcard characters: False |
| 69 | + | ``` |
| 70 | + | |
| 71 | + | ### -ExeNames |
| 72 | + | |
| 73 | + | Specifies an array of executable names to filter the profiling results. Only results related to the specified executables will be returned. |
| 74 | + | |
| 75 | + | ```yaml |
| 76 | + | Type: System.String[] |
| 77 | + | Parameter Sets: (All) |
| 78 | + | Aliases: e |
| 79 | + | |
| 80 | + | Required: False |
| 81 | + | Position: Named |
| 82 | + | Default value: None |
| 83 | + | Accept pipeline input: False |
| 84 | + | Accept wildcard characters: False |
| 85 | + | ``` |
| 86 | + | |
| 87 | + | ### -ManifestPath |
| 88 | + | |
| 89 | + | Specifies the path to the application package manifest file to be edited by the cmdlet with the identified capabilities. If the capabilities identified cannot be attributed to this manifest’s package, a copy of the manifest is generated for each package identified including the capabilities pertaining thereto. |
| 90 | + | |
| 91 | + | ```yaml |
| 92 | + | Type: System.String |
| 93 | + | Parameter Sets: (All) |
| 94 | + | Aliases: m |
| 95 | + | |
| 96 | + | Required: False |
| 97 | + | Position: Named |
| 98 | + | Default value: <working directory>\<package name>\AppXManfiest-Capabilities.xml |
| 99 | + | Accept pipeline input: False |
| 100 | + | Accept wildcard characters: False |
| 101 | + | ``` |
| 102 | + | |
| 103 | + | ### -PackageNames |
| 104 | + | |
| 105 | + | Specifies an array of package names to filter the profiling results. Only results related to the specified packages will be returned. |
| 106 | + | |
| 107 | + | ```yaml |
| 108 | + | Type: System.String[] |
| 109 | + | Parameter Sets: (All) |
| 110 | + | Aliases: p, Packages |
| 111 | + | |
| 112 | + | Required: False |
| 113 | + | Position: Named |
| 114 | + | Default value: None |
| 115 | + | Accept pipeline input: False |
| 116 | + | Accept wildcard characters: False |
| 117 | + | ``` |
| 118 | + | |
| 119 | + | ### -RecordsOutputPath |
| 120 | + | |
| 121 | + | Specifies the path to a CSV file to save detailed access attempt information. If not specified, the default output path will be used. |
| 122 | + | |
| 123 | + | ```yaml |
| 124 | + | Type: System.String |
| 125 | + | Parameter Sets: (All) |
| 126 | + | Aliases: r, RecordsOutput, RecordsPath |
| 127 | + | |
| 128 | + | Required: False |
| 129 | + | Position: Named |
| 130 | + | Default value: <working directory>\AccessAttemptRecords.csv |
| 131 | + | Accept pipeline input: False |
| 132 | + | Accept wildcard characters: False |
| 133 | + | ``` |
| 134 | + | |
| 135 | + | ### -ShowFirstParty |
| 136 | + | |
| 137 | + | Indicates whether to include first-party capabilities in the output. These may only be declared by Microsoft-signed packages. |
| 138 | + | |
| 139 | + | ```yaml |
| 140 | + | Type: System.Management.Automation.SwitchParameter |
| 141 | + | Parameter Sets: (All) |
| 142 | + | Aliases: |
| 143 | + | |
| 144 | + | Required: False |
| 145 | + | Position: Named |
| 146 | + | Default value: False |
| 147 | + | Accept pipeline input: False |
| 148 | + | Accept wildcard characters: False |
| 149 | + | ``` |
| 150 | + | |
| 151 | + | ### -ShowNoNameObjectFailures |
| 152 | + | |
| 153 | + | Indicates whether to output summary information for access attempts to unidentified objects. |
| 154 | + | |
| 155 | + | ```yaml |
| 156 | + | Type: System.Management.Automation.SwitchParameter |
| 157 | + | Parameter Sets: (All) |
| 158 | + | Aliases: |
| 159 | + | |
| 160 | + | Required: False |
| 161 | + | Position: Named |
| 162 | + | Default value: False |
| 163 | + | Accept pipeline input: False |
| 164 | + | Accept wildcard characters: False |
| 165 | + | ``` |
| 166 | + | |
| 167 | + | ### -SummaryOutputPath |
| 168 | + | |
| 169 | + | Specifies the path to a TXT file to save a summary of the profiling results. If not specified, the default output path will be used. |
| 170 | + | |
| 171 | + | ```yaml |
| 172 | + | Type: System.String |
| 173 | + | Parameter Sets: (All) |
| 174 | + | Aliases: s, SummaryPath, SummaryOutput |
| 175 | + | |
| 176 | + | Required: False |
| 177 | + | Position: Named |
| 178 | + | Default value: <working directory>\summary.txt |
| 179 | + | Accept pipeline input: False |
| 180 | + | Accept wildcard characters: False |
| 181 | + | ``` |
| 182 | + | |
| 183 | + | ### -Quiet |
| 184 | + | |
| 185 | + | Indicates that the cmdlet runs in quiet mode, suppressing unnecessary output and prompts. |
| 186 | + | |
| 187 | + | ```yaml |
| 188 | + | Type: System.Management.Automation.SwitchParameter |
| 189 | + | Parameter Sets: (All) |
| 190 | + | Aliases: |
| 191 | + | |
| 192 | + | Required: False |
| 193 | + | Position: Named |
| 194 | + | Default value: False |
| 195 | + | Accept pipeline input: False |
| 196 | + | Accept wildcard characters: False |
| 197 | + | ``` |
| 198 | + | |
| 199 | + | ### -WhatIf |
| 200 | + | |
| 201 | + | Shows what would happen if the cmdlet runs. The cmdlet is not executed. |
| 202 | + | |
| 203 | + | ```yaml |
| 204 | + | Type: System.Management.Automation.SwitchParameter |
| 205 | + | Parameter Sets: (All) |
| 206 | + | Aliases: |
| 207 | + | |
| 208 | + | Required: False |
| 209 | + | Position: Named |
| 210 | + | Default value: False |
| 211 | + | Accept pipeline input: False |
| 212 | + | Accept wildcard characters: False |
| 213 | + | ``` |
| 214 | + | |
| 215 | + | ### -Confirm |
| 216 | + | |
| 217 | + | Prompts you for confirmation before running the cmdlet. |
| 218 | + | |
| 219 | + | ```yaml |
| 220 | + | Type: System.Management.Automation.SwitchParameter |
| 221 | + | Parameter Sets: (All) |
| 222 | + | Aliases: |
| 223 | + | |
| 224 | + | Required: False |
| 225 | + | Position: Named |
| 226 | + | Default value: False |
| 227 | + | Accept pipeline input: False |
| 228 | + | Accept wildcard characters: False |
| 229 | + | ``` |
| 230 | + | |
| 231 | + | ## RELATED LINKS |
| 232 | + | |
| 233 | + | [ApplicationCapabilityProfiler](application-capability-profiler.md) |
| 234 | + | |
| 235 | + | [Start-Profiling](Start-Profiling.md) |
| 236 | + | |
| 237 | + | [Stop-Profiling](Stop-Profiling.md) |
| 238 | + | |
| 239 | + | [Merge-ProfilingResults](Merge-ProfilingResults.md) |