How to save trace for the process using Microsoft Process Monitor?

!To monitor a system running Microsoft Windows, there is a free utility called Process Monitor.

This utility is part of the Sysinternals package and provides detailed information about operations and interactions between processes running in the Windows system.

In this article, we will tell you how to save a process trace using Microsoft Process Monitor.

To save trace for the process using Microsoft Process Monitor, just follow the next steps:

  1. At first, you should download Process Monitor from https://learn.microsoft.com/en-us/sysinternals/downloads/procmon and unzip the resulting archive.
  2. Next, you should run the Procmon.exe utility.

    It will immediately start monitoring your computer's actions.

    At this stage, you don't need to set any filters, because you can always filter the results you've already received after the capture is complete. So just click OK.

  3. While the capture is in progress, perform the action on your computer that causes the error so that it is logged.
  4. When enough information has been collected, you should stop monitoring by clicking on the triangle icon labeled Capture or by selecting File - Capture events.

    You will see a blue circle on the capture start icon as confirmation that the capture has been stopped.

  5. The next step is to save what Process Monitor has been tracking to a file for later analysis.

    To do this, click File - Save and select where you want to save its trace output.

  6. All that is left for you to do is to analyze the trace results yourself, or send these results to qualified specialists.
Don't hesitate to contact us if you have any questions!

  Ask Question
Posted on by Tanya

Read More

Got Something To Say?

Your email address will not be published.