Re: Monitor a Particular Process

---

• From: "Claus" <cjobes@xxxxxxxxxxxxx>
• Date: Fri, 4 Jan 2008 09:20:42 -0500

---

The event log gets written when ever something needs to be written to it. Do you have excessive entries in any of the event logs? What is the actual mem use and CPU use of the process? What plug and play devices do you have connected to your box?

--
Claus
"Cardin Smith" <cardin.hatespam.smith@xxxxxxxxxxxxx> wrote in message news:A1734FCB81744C7486FEC7D7840FCDB6@xxxxxxxxxxxxxx


Thanks for the information. I've done what you advised, and It's now showing me that the process which is causing the problem is the Service.exe service, which under the tasklist /svc is showing up as the event log / plug and play. Should the event log be writing so often?



Cardin Smith (MCSA, Security +)



From: Claus [mailto:cjobes@xxxxxxxxxxxxx]
Posted At: 03 January 2008 14:29
Posted To: microsoft.public.windows.server.sbs
Conversation: Monitor a Particular Process
Subject: Re: Monitor a Particular Process



Given that it happens this frequently I would open the taskmanager, add the PID column to the view and the order by CPU usage. Watch the display and note down the PID of the process. Then open a cmd window and type "tasklist /svc" and look for the PID.


--
Claus

"Cardin Smith" <cardin.hatespam.smith@xxxxxxxxxxxxx> wrote in message news:03F442F7A0184A6FAAFA7652A11C2511@xxxxxxxxxxxxxx

On my Win2K3 SBS the hard drive lights are constantly flickering and performance monitor and task manager are showing a spike every 4 - 5 seconds in the disk queue and cpu usage. Is there a system monitor which I can set up that will trace which particular process is causing the spike, or will i have to trace each process individually?



Cardin Smith (MCSA, Security +)

---

• References:
  • Monitor a Particular Process
    • From: Cardin Smith
  • Re: Monitor a Particular Process
    • From: Claus
  • Re: Monitor a Particular Process
    • From: Cardin Smith

• Prev by Date: Re: WSS V3 Question
• Next by Date: Re: Disaster Planning
• Previous by thread: Re: Monitor a Particular Process
• Next by thread: Display goes off in command prompt
• Index(es):
  • Date
  • Thread

---

Relevant Pages Re: 70-300, ambiguous question ... monitor anything that can give you information about your ... You can sometimes find your app problem in the security log, ... garbage dump, you have to create a custom log. ... > b - Application Event Log ... (microsoft.public.cert.exam.mcsd) Re: AspErrorsToNTLog no longer works in IIS6 ... The security implication is that anonymous remote requests can be used to ... fill the event log and cause the server to stop responding (for very legal ... > logic for further disabling it. ... How about using the web log file? ... (microsoft.public.inetserver.iis) Viewing Event Logs ... How to set event log security locally or by using Group Policy in Windows ... Descriptor Definition Language (SDDL) syntax. ... (microsoft.public.windows.server.active_directory) Re: AspErrorsToNTLog no longer works in IIS6 ... Am I to assume IIS6 no longer offers a way to audit VBScript errors? ... >>when the security log is full has any relevance. ... Is event log performance significantly ... > log instead of the normal log file) was flawed from a security perspective, ... (microsoft.public.inetserver.iis) Re: Writing to Windows Security Log ... UNIX syslog-the-network-protocol is that it's UDP - ... a Windows application or service ... equivalent source of bogus data into an Event Log stream ... to the>Security< Event Log are the LSA and the Event ... (Pen-Test)

---

• Windows
• Science
• Usenet

• Archive
• About
• Privacy
• Search
• Imprint

www.tech-archive.net  > Archive  > Windows  > microsoft.public.windows.server.sbs  > 2008-01