Winnt - Win2k Process Monitoring

Winnt - Win2k Process Monitoring

Post by Jame » Fri, 04 Jan 2002 01:23:48



I am trying to monitor processes (not services) on Win2k and/or WinNT.  I
need to generate a notification, (prefferably a trap) when and if a process
fails or is started.

I have tried using procmon (http://www.ncomtech.com/download.htm)
but it simply does not work.

If anyone has tamed this beast please let me know.  Thanks.

James Amann
404-651-1574

 
 
 

Winnt - Win2k Process Monitoring

Post by Dave Rot » Fri, 04 Jan 2002 16:30:27


Look into using WMI. It has an event sink that let's you provide an SQL-like
query to monitor for particular events. There are several good books out
there on WMI and my 2nd Perl book covers how to access WMI using Perl's
Win32::OLE extension (http://www.roth.net/books/handbook/).

dave
--
Dave Roth
Roth Consulting                   Check out my monthly Perl column:
http://www.roth.net/                http://www.win32scripting.com

Win32 Perl Programming: The Standard Extensions, 2nd edition
http://www.roth.net/books/extensions2

Win32 Perl Scripting: The Administrator's Handbook
http://www.roth.net/books/handbook


> I am trying to monitor processes (not services) on Win2k and/or WinNT.  I
> need to generate a notification, (prefferably a trap) when and if a
process
> fails or is started.

> I have tried using procmon (http://www.ncomtech.com/download.htm)
> but it simply does not work.

> If anyone has tamed this beast please let me know.  Thanks.

> James Amann
> 404-651-1574



 
 
 

Winnt - Win2k Process Monitoring

Post by Joe Seeka » Thu, 10 Jan 2002 01:36:18


James,

We are using procmon.  It is a nice little tool although it could use
some improvements like they did for their event log monitor (like a
GUI to configure everything).  If you are having problems, contact
them directly.  They are very responsive considering they don't charge
for their stuff.

Joe


> I am trying to monitor processes (not services) on Win2k and/or WinNT.  I
> need to generate a notification, (prefferably a trap) when and if a process
> fails or is started.

> I have tried using procmon (http://www.ncomtech.com/download.htm)
> but it simply does not work.

> If anyone has tamed this beast please let me know.  Thanks.

> James Amann
> 404-651-1574