How to capture etw.* data with Wireshark?
I found that there are 3 etw filters on the filter reference page: https://www.wireshark.org/docs/dfref/.... But how do I capture etw data/events with Wireshark? If I can't, what do these filters do?
etw: Event Tracing for Windows (3.6.0 to 4.0.3, 25 fields)
etw.ndis: ETW Ndis (2.6.0 to 4.0.3, 95 fields)
etw.wfp_capture: ETW WFP Capture (2.6.0 to 4.0.3, 10 fields)