The file summary can be achieved by means of the folder and extension.Īctivity summary lists all the processes seen in the trace, file events, I/O, registry events, network events, including their process ID, image name and command line.Īctivity summary can be accessed by going to Tools > Process Activity Summary. Figure 4: Activity summary for various processes and their operations Figure 5: Registry information accessed during trace Figure 6: Stack information during traceįile summary dialogue lists each unique file system path present in the filtered trace, the amount of time spent performing I/O to the file, the total number of events that referenced the path, and the count of individual operation types.įile summary can be accessed by going to Tools > File summary. It also detects and monitors new file system devices. Process monitor displays all the activities of a file system, including local and remote storage. Process tree displays all of the processes referenced in a hierarchy in the loaded trace, which shows parent-child relationships. Process monitor includes a number of dialogues that allow you to perform simple data mining on the events collected in a trace. Figure 1: Process tree for various processes Figure 2: File system activity Figure 3: File summary by path
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |