Weekly quickTIP

FileMon/RegMon Mashup

Microsoft's Process Monitor is the new, improved tool for troubleshooting application processes.

Like ‘em or hate ‘em, the two Sysinternals tools FileMon and RegMon are often your only way to track down problems when troubleshooting applications and how those apps interact with the rest of your computer system.

For the uninitiated, these two tools monitor file and registry reads and writes and report on which application or process is doing the work. Their low-level reporting on your computer’s inner workings can produce massive quantities of data, but it is often necessary for tracking down an incorrectly set permission or an overwritten registry key.

It’s that massive quantity of data, however, that makes their learning curve so steep. Adding to the difficulty, they have come as separate tools -- until now.

Microsoft’s freeware Process Monitor tool, which can be downloaded here, integrates the functionality of FileMon and RegMon into a unified debugger. Now, when you can’t be sure if the application giving you grief has a file problem or a registry problem, you can run your tests all from the same tool.

Process Monitor also adds a few enhancements over our old friends. The old tools had filters for screening out unnecessary data, but they were difficult to use. The new tool's filters are easier to manipulate, and they preserve the captured data. It also captures more data about each event, its associated process, and the process stack supporting it. Processes can now be monitored at boot, enabling better troubleshooting of those hard-to-capture boot-time troubles.

Now, none of these new features actually reduces the sheer amount of data coming in during a trace. But with the improved highlighting and filtering options, you can better narrow it down to just the info you need.
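As an added example that is not part of the original article, the same narrowing can be done offline on a trace exported from Process Monitor as CSV: the script below pulls out ACCESS DENIED results (the incorrectly set permission case) and registry values written by more than one process (the overwritten key case). The column names are assumed to match Process Monitor's default CSV export, and the trace rows are constructed sample data.

```python
import csv
import io
from collections import Counter, defaultdict

# Constructed sample rows, laid out with the columns assumed for a default
# Process Monitor CSV export. None of this comes from a real trace.
SAMPLE_TRACE = r'''"Time of Day","Process Name","PID","Operation","Path","Result","Detail"
"10:01:02.1000000","app.exe","4120","CreateFile","C:\ProgramData\App\settings.ini","ACCESS DENIED","Desired Access: Generic Write"
"10:01:02.2000000","app.exe","4120","RegOpenKey","HKLM\Software\App","SUCCESS","Desired Access: Read"
"10:01:02.3000000","app.exe","4120","RegSetValue","HKLM\Software\App\Mode","SUCCESS","Type: REG_SZ, Length: 10, Data: fast"
"10:01:03.1000000","updater.exe","5300","RegSetValue","HKLM\Software\App\Mode","SUCCESS","Type: REG_SZ, Length: 10, Data: safe"
"10:01:04.1000000","app.exe","4120","CreateFile","C:\ProgramData\App\settings.ini","ACCESS DENIED","Desired Access: Generic Write"
"10:01:04.2000000","app.exe","4120","RegQueryValue","HKLM\Software\App\Mode","SUCCESS","Type: REG_SZ, Length: 10, Data: safe"
"10:01:04.3000000","app.exe","4120","RegSetValue","HKLM\Software\App\Theme","SUCCESS","Type: REG_SZ, Length: 10, Data: dark"
'''


def load_events(text):
    """Parse exported CSV text into one dict per captured event."""
    return list(csv.DictReader(io.StringIO(text.strip())))


def denied_access(events):
    """Count ACCESS DENIED results per (process, path): the permission leads."""
    return Counter((e["Process Name"], e["Path"])
                   for e in events if e["Result"] == "ACCESS DENIED")


def contested_values(events):
    """Map a registry value to its writers when more than one process set it."""
    writers = defaultdict(list)
    for e in events:
        if e["Operation"] == "RegSetValue" and e["Result"] == "SUCCESS":
            if e["Process Name"] not in writers[e["Path"]]:
                writers[e["Path"]].append(e["Process Name"])  # keep write order
    return {path: procs for path, procs in writers.items() if len(procs) > 1}


if __name__ == "__main__":
    events = load_events(SAMPLE_TRACE)
    for (proc, path), count in denied_access(events).most_common():
        print(f"{count}x ACCESS DENIED  {proc}  {path}")
    for path, procs in contested_values(events).items():
        print(f"set by {', '.join(procs)}: {path}")
```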

About the Author

Greg Shields is Author Evangelist with PluralSight, and is a globally-recognized expert on systems management, virtualization, and cloud technologies. A multiple-year recipient of the Microsoft MVP, VMware vExpert, and Citrix CTP awards, Greg is a contributing editor for Redmond Magazine and Virtualization Review Magazine, and is a frequent speaker at IT conferences worldwide. Reach him on Twitter at @concentratedgreg.
