Network analysis feature in Process Monitor

Process Monitor from Windows Sysinternals, part of Microsoft’s Server and Tools division, combines the best of familiar but now extinct tools. By extinct I mean deprecated or no longer supported. The warranty* expired.

[Image: Windows 8 PC running Process Monitor]
[Image: Events with a highlight filter applied]
[Image: Time of Day and Process Name columns]
[Image: Right-click menu]

The context-sensitive [right-click] menu lets you highlight a specific set of rows (events, displayed horizontally) based on a match in one particular column. The example above shows a right-click on the Operation column of a particular row.

[Image: PID, Operation, and Result columns]

But how Process Monitor combines them all is just the start. It also allows you to filter. My favorite part of the toolbar in Process Monitor is the

[Image: All five turned on except “profiling”, the default settings]

To show only the network traffic, click each highlighted box to deselect it, leaving only the highlighted icon in the photo below:

[Image: Show Network Activity icon]

Then turn on the Autoscroll feature, off by default:

[Image: Autoscroll (Ctrl+A)]

This gives you a real-time, scrolling network [event] trace.

Just remember to turn the other three show buttons (file, registry, process) back on. Don’t turn Profiling on unless you want more data. Refer to the onboard [F1] Process Monitor help.
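The same network-only view can be rebuilt offline from a saved trace. The script below is an added example, not part of the original post: it assumes the trace was saved from Process Monitor as CSV with the default columns, and the sample rows (hosts, PIDs, paths) are constructed.

```python
import csv
import io
from collections import Counter

# Constructed sample in the layout of a Process Monitor CSV export
# (default columns assumed). For a real file, open it with
# encoding="utf-8-sig" and pass its text to the functions below.
SAMPLE_CSV = r'''"Time of Day","Process Name","PID","Operation","Path","Result","Detail"
"10:15:01.1000000 AM","chrome.exe","4321","TCP Connect","WIN8-PC:49732 -> 203.0.113.10:https","SUCCESS","Length: 0"
"10:15:01.2000000 AM","chrome.exe","4321","RegOpenKey","HKLM\Software\Example","SUCCESS",""
"10:15:01.3000000 AM","chrome.exe","4321","TCP Send","WIN8-PC:49732 -> 203.0.113.10:https","SUCCESS","Length: 517"
"10:15:01.4000000 AM","chrome.exe","4321","TCP Receive","WIN8-PC:49732 -> 203.0.113.10:https","SUCCESS","Length: 1380"
"10:15:02.0000000 AM","svchost.exe","1088","UDP Send","WIN8-PC:55001 -> 198.51.100.53:domain","SUCCESS","Length: 40"
"10:15:02.5000000 AM","notepad.exe","2200","CreateFile","C:\Temp\a.txt","SUCCESS",""
"10:15:03.0000000 AM","updater.exe","3004","TCP Connect","WIN8-PC:49800 -> 192.0.2.77:8443","SUCCESS","Length: 0"
'''


def network_events(csv_text):
    """Yield only TCP/UDP rows, mirroring the Show Network Activity button."""
    for row in csv.DictReader(io.StringIO(csv_text)):
        if row["Operation"].startswith(("TCP ", "UDP ")):
            yield row


def split_endpoints(path):
    """Split 'local:port -> remote:port' into (local, remote); None if not in that form."""
    local, sep, remote = path.partition(" -> ")
    return (local, remote) if sep else None


def summarize(csv_text):
    """Count network events per (process name, PID, remote endpoint)."""
    counts = Counter()
    for row in network_events(csv_text):
        ends = split_endpoints(row["Path"])
        remote = ends[1] if ends else row["Path"]  # keep odd paths visible
        counts[(row["Process Name"], row["PID"], remote)] += 1
    return counts


if __name__ == "__main__":
    for (proc, pid, remote), n in summarize(SAMPLE_CSV).most_common():
        print(f"{proc} (PID {pid}) -> {remote}: {n} events")
```

Grouping by remote endpoint makes it easy to spot which process is talking to an address you do not recognize, something the scrolling live view can hide.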

For more information on support lifecycle, and how to download Process Monitor, refer to the references section below:

References

URLs
*Microsoft Support lifecycle website
Windows Sysinternals