Tools & Tips for IT Network Management
You are here: Home / Server Monitoring / Process Monitor

Process Monitor

Process Monitor is a windows monitoring tool that shows real time file system, registry and process activity. This light weight tool combines features of two sysinternal utilities, filemon and regmon. Process Monitor combined these two tools into one and also added even more functionality. Including rich and non-destructive filtering, comprehensive event properties such as session IDs and usernames, reliable process information, full thread stacks with integrated symbol support for each operation, simultaneous logging to a file and much more.

This is another great monitoring tool that I keep in my toolkit. It’s an easy to use tool that helps with troubleshooting many different issues. The thing I’ve used this most for is finding applications that will not work without admin rights. By using Process Monitor I can see where the application is trying to write to or where it’s getting denied. I can then give this folder or registry keys the correct permissions to allow the application to work without having to give the users admin rights. Process Monitor was originally developed by Sysinternals which is now owned by Microsoft.  

Some of the Features of Process Monitor

  • More data captured for operation input and output parameters
  • Non-destructive filters allow you to set filters without losing data
  • Capture of thread stacks for each operation make it possible in many cases to identify the root cause of an operation
  • Reliable capture of process details, including image path, command line, user and session ID
  • Configurable and moveable columns for any event property
  • Filters can be set for any data field, including fields not configured as columns
  • Much more…

Company: Microsoft sysinternals
Website: http://technet.microsoft.com/en-us/sysinternals/bb896645.aspx

Copyright © 2011