feat(v3.0): Dashboard, Correlation, Recording, and OTLP Exporter #60

Merged: m96-chan merged 5 commits into main from feat/v3.0-advanced-features on Dec 11, 2025

m96-chan (Owner) commented Dec 11, 2025

Summary

Features

Dashboard (#49)

  • Dashboard server with configurable host/port
  • WebSocketHandler for real-time event streaming to browser clients
  • EventSerializer for JSON event conversion
  • DashboardConfig for server configuration

Correlation Engine (#50)

  • CorrelationEngine for linking events by shared identifiers
  • CorrelationGroup for grouping related events
  • Timeline export to JSON and DataFrame formats
  • Causality tracing within configurable time windows

Recording & Replay (#51)

  • Recorder for capturing events to .etwpack files
  • Player for replaying recorded events with filtering
  • EtwpackHeader/EtwpackIndex for file metadata
  • Support for zstd/lz4 compression types

OTLP Exporter (#52)

  • OtlpExporter for streaming to OTLP collectors
  • SpanMapper for custom event-to-span mapping
  • OtlpFileExporter for file-based export
  • Support for sampling and batching

Test plan

  • All 101 new tests pass locally
  • Full test suite passes (303 total tests)
  • Lint checks pass (ruff, black)
  • CI passes all Python versions (3.9, 3.10, 3.11, 3.12)

Closes #49, Closes #50, Closes #51, Closes #52

🤖 Generated with Claude Code

m96-chan and others added 5 commits December 11, 2025 16:10
#52)

Add v3.0 advanced features:

- #49: Live Dashboard with WebSocket UI
  - Dashboard server with configurable host/port
  - WebSocketHandler for real-time event streaming
  - EventSerializer for JSON event conversion
  - DashboardConfig for server configuration

- #50: Event Correlation Engine
  - CorrelationEngine for linking events by PID/TID/Handle
  - CorrelationGroup for grouping related events
  - Timeline export to JSON and DataFrame formats
  - Causality tracing within configurable time windows

- #51: ETW Recording & Replay (.etwpack format)
  - Recorder for capturing events to .etwpack files
  - Player for replaying recorded events with filtering
  - EtwpackHeader/EtwpackIndex for file metadata
  - Support for zstd/lz4 compression types

- #52: OpenTelemetry (OTLP) Exporter
  - OtlpExporter for streaming to OTLP collectors
  - SpanMapper for custom event-to-span mapping
  - OtlpFileExporter for file-based export
  - Support for sampling and batching

All features implemented with TDD approach (101 new tests, 303 total).

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>

- Clean target/wheels directory before building to prevent old versions
- Sort wheels descending by name to select latest version in case multiple exist

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>

- Add demo_v2_features.py: MultiSession, ManifestParser, RustEventFilter
- Add demo_v3_features.py: Dashboard, Correlation, Recording, OTLP
- Fix datetime serialization in recording.py for JSON export
- Fix datetime timestamp conversion in otlp.py for OTLP format
- Add E402 ignore for examples directory in ruff config

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>

- Implement real-time ETW event visualization using Gradio
- Add `pyetwkit dashboard` CLI command with provider/profile support
- Add EventBuffer for thread-safe event storage and rate calculation
- Add `dashboard` optional dependency group in pyproject.toml
- Dashboard auto-refreshes events every 0.5s, stats every 1s

Usage:
  pyetwkit dashboard Microsoft-Windows-Kernel-Process
  pyetwkit dashboard --profile network --port 8080

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>

- Change default port expectation from 8080 to 7860 (Gradio default)
- Update WebSocketHandler tests to use EventBuffer methods (add_event, get_events)
- Add thread_id to batch serialization test mock events

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>

m96-chan merged commit a43a668 into main Dec 11, 2025
12 checks passed