I'm using logparser.exe (http://www.microsoft.com/en-us/download/details.aspx?id=24659) to process a captured trace (in a .etl file). The output however is not proving the high resolution timestamp that I know is recorded in the .etl file.
The output is spitting out timestamps only up to the seconds (i.e. 2014-07-24 18:52:39)
Answered my own question:
Logparser.exe by default formats the timestamps to exclude the milliseconds / nanoseconds. You have two options to view a higher resolution timestamp:
TO_STRING(Timestamp, 'HH:mm:ss.ln'). An example useage is below:c:>"c:\Program Files (x86)\Log Parser 2.2\LogParser.exe" -i:ETW -o:CSV "SELECT TO_STRING(Timestamp, 'HH:mm:ss.ln') AS Timestamp, EventTypeName FROM 'c:\PerfLogs\ASP\LocalSystem\20140724-000003\Verbose Trace.etl'" > verbose.csv
-oTsFormat argument:c:>"c:\Program Files (x86)\Log Parser 2.2\LogParser.exe" -i:ETW -o:CSV -oTsFormat "HH:mm: ss.ln" "SELECT * FROM 'c:\PerfLogs\ASP\LocalSystem\20140724-000003\Verbose Trace.etl'" > verbose.csv
More time format strings are listed here: http://strivinglife.com/words/post/Microsoft-Log-Parser-timestamp-formats