Event Tracing for Windows (ETW) is the most important diagnostic tool Windows developers have at their disposal. In this talk, we will explore the rich and wonderful world of ETW events, which span numerous components including the kernel scheduler, the CLR garbage collector, the Windows UI subsystem (including XAML-specific events), request-processing frameworks such as ASP.NET and WCF, and many others. You’ll learn how to diagnose incredibly complex issues in production systems such as excessive garbage collection pauses, slow startup due to JIT and disk accesses, and even sluggishness during the Windows boot process. We will also explore some ways to automate ETW collection and analysis to build self-diagnosing applications that identify high CPU issues, resource leaks, and concurrency problems and produce alerts and reports. In the course of the talk we will use innovative performance tools that haven’t been applied to ETW before — flame graphs for visualising call stacks and a command-line interface for dynamic, scriptable ETW tracing. ETW is truly a window into everything happening on your system, and it doesn’t require expensive licenses, invasive tools, or modifying your code in any way. It is a critical, first-stop skill on your way to mastering application performance and diagnostics.