WinDbg's Logger.exe is the closest to strace: http://msdn.microsoft.com/en-us/library/windows/hardware/ff552060(v=vs.85).aspx

WinDbg 的 Logger.exe 最接近 strace：http: //msdn.microsoft.com/en-us/library/windows/hardware/ff552060(v=vs.85) .aspx

EDIT: There's also windbg's wt: http://blogs.msdn.com/b/debuggingtoolbox/archive/2009/10/12/special-command-tracing-applications-using-wt.aspx

编辑：还有windbg的wt：http: //blogs.msdn.com/b/debuggingtoolbox/archive/2009/10/12/special-command-tracing-applications-using-wt.aspx

A few options:

几个选项：

Process Monitor

进程监视器

Also, see this article about tools built into Windows 7:

另外，请参阅有关 Windows 7 内置工具的文章：

Core OS Tools

核心操作系统工具

The Dr. Memory (http://drmemory.org) tool comes with a system call tracing tool called drstrace that lists all system calls made by a target application along with their arguments: http://drmemory.org/strace_for_windows.html

Dr. Memory ( http://drmemory.org) 工具带有一个名为 drstrace 的系统调用跟踪工具，它列出了目标应用程序发出的所有系统调用及其参数：http://drmemory.org/strace_for_windows.html

For programmatically enforcing system call policies, you could use the same underlying engines as drstrace: the DynamoRIO tool platform (http://dynamorio.org) and the DrSyscall system call monitoring library (http://drmemory.org/docs/page_drsyscall.html). These use dynamic binary translation technology, which does incur some overhead (20%-30% in steady state, but much higher when running new code such as launching a big desktop app), which may or may not be suitable for your purposes.

对于以编程方式强制执行系统调用策略，您可以使用与 drstrace 相同的底层引擎：DynamoRIO 工具平台 ( http://dynamorio.org) 和 DrSyscall 系统调用监控库 ( http://drmemory.org/docs/page_drsyscall。 html）。这些使用动态二进制翻译技术，它确实会产生一些开销（稳定状态下为 20%-30%，但在运行新代码（例如启动大型桌面应用程序）时要高得多），这可能适合也可能不适合您的目的。

API Monitorlooks very useful for this purpose.

API Monitor看起来非常有用。

Here is a pretty intersting article, I don't know if it hits the target you are looking for but I think you may find it leading you in the direction you want.

这是一篇非常有趣的文章，我不知道它是否达到了您正在寻找的目标，但我认为您可能会发现它引导您朝着您想要的方向前进。

http://jbremer.org/intercepting-system-calls-on-x86_64-windows/

http://jbremer.org/intercepting-system-calls-on-x86_64-windows/

strace is available from Cygwin in the cygwin package. You can download it from a Cygwin mirror, for example:

可以从 Cygwin 的cygwin 包中获得 strace 。您可以从Cygwin mirror下载它，例如：

http://mirrors.sonic.net/cygwin/x86_64/release/cygwin/cygwin-2.0.2-1.tar.xz
#      |                      |                              |     |
#      +-----------+----------+                              +--+--+
#                  |                                            |
#               mirror                                       version

strace is one of the few Cygwin programs that does not rely on the Cygwin DLL, so you should be able to just copy strace.exeto where you want and use it.

strace 是少数不依赖 Cygwin DLL 的 Cygwin 程序之一，因此您应该能够复制strace.exe到您想要的位置并使用它。

There are several tools all built around Xperf. It's rather complex but very powerful -- see the quick start guide. There are other useful resources on the Windows Performance Analysispage

有几个工具都是围绕 Xperf 构建的。它相当复杂但非常强大——请参阅快速入门指南。Windows 性能分析页面上还有其他有用的资源

You can use process monitor written by Mark Russinovich. This is a fantastic little application that will allow you to attach to any running process on the system and see all of the system calls that process is currently making.

您可以使用 Mark Russinovich 编写的进程监视器。这是一个很棒的小应用程序，它允许您附加到系统上任何正在运行的进程并查看该进程当前正在进行的所有系统调用。

https://technet.microsoft.com/en-us/sysinternals/processmonitor.aspx

https://technet.microsoft.com/en-us/sysinternals/processmonitor.aspx

stracesupported By Git,as Michael Fox Mention Maybe not useful for complex/windows software.

strace由Git支持，正如 Michael Fox 提到的那样，可能对复杂/windows 软件没有用。