# 6.2.3.Process monitor

## 1.用途

* 1.顯示real-time file system, Registry及process/thread activity
* 2.結合了Regmon及Filemon兩大legacy tool
* 3.可以顯示詳細的event properties:
  * Event資訊
  * Process資訊
  * Stack 資訊

![](https://github.com/jenhsuan/debugging-tools-experience/tree/91ad7a157f155ea77065c5600800bb4627bd1ae2/assets/%E8%9E%A2%E5%B9%95%E5%BF%AB%E7%85%A7%202017-06-19%20%E4%B8%8B%E5%8D%884.07.53.png)

* 4.Filter過濾資訊, 但其他資訊仍可保留

## 2.用法

* 1.下載[Procmon](https://technet.microsoft.com/en-us/sysinternals/processmonitor.aspx?f=255\&MSPPError=-2147217396)
* 2.開啟並設定Filter: ![](https://github.com/jenhsuan/debugging-tools-experience/tree/91ad7a157f155ea77065c5600800bb4627bd1ae2/assets/%E8%9E%A2%E5%B9%95%E5%BF%AB%E7%85%A7%202017-06-19%20%E4%B8%8B%E5%8D%884.46.04.png) ![](https://github.com/jenhsuan/debugging-tools-experience/tree/91ad7a157f155ea77065c5600800bb4627bd1ae2/assets/%E8%9E%A2%E5%B9%95%E5%BF%AB%E7%85%A7%202017-06-19%20%E4%B8%8B%E5%8D%884.50.39.png)
* 3.開始掃描 ![](https://github.com/jenhsuan/debugging-tools-experience/tree/91ad7a157f155ea77065c5600800bb4627bd1ae2/assets/%E8%9E%A2%E5%B9%95%E5%BF%AB%E7%85%A7%202017-06-19%20%E4%B8%8B%E5%8D%884.48.12.png)
* 4.選擇列出需要的資訊, 共有5種
  * Show Registry Activity
  * Show File System Activity
  * Show Network Activity
  * Show Process and Thread Activity
  * Show Profiling Event

![](https://github.com/jenhsuan/debugging-tools-experience/tree/91ad7a157f155ea77065c5600800bb4627bd1ae2/assets/%E8%9E%A2%E5%B9%95%E5%BF%AB%E7%85%A7%202017-06-19%20%E4%B8%8B%E5%8D%884.52.55.png)

## 3.Process Activity Summary

* 可以看出當時哪些process的CPU最忙碌, 存取網路狀態, 以及Disk I/O狀態等
* 1.Tools -> Process Activity Summary ![](https://github.com/jenhsuan/debugging-tools-experience/tree/91ad7a157f155ea77065c5600800bb4627bd1ae2/assets/%E8%9E%A2%E5%B9%95%E5%BF%AB%E7%85%A7%202017-06-22%20%E4%B8%8A%E5%8D%888.34.26.png) ![](https://github.com/jenhsuan/debugging-tools-experience/tree/91ad7a157f155ea77065c5600800bb4627bd1ae2/assets/%E8%9E%A2%E5%B9%95%E5%BF%AB%E7%85%A7%202017-06-22%20%E4%B8%8A%E5%8D%888.34.57.png)
* 2.點選特定的process, 或是點選detail ![](https://github.com/jenhsuan/debugging-tools-experience/tree/91ad7a157f155ea77065c5600800bb4627bd1ae2/assets/%E8%9E%A2%E5%B9%95%E5%BF%AB%E7%85%A7%202017-06-22%20%E4%B8%8A%E5%8D%888.36.28.png)