Skip to main content
How to collect procmon trace using Task Scheduler
Updated over 8 months ago

Overview

This article helps the customer to collect the procmon trace in case of backup performance issues.

To start Process Monitor Follow the below steps:

1)Download Process Monitor from Windows Sysinternals page https://docs.microsoft.com/en-us/sys...nloads/procmon and extract it.

2)Click on windows -> Administrative Tools and open Task Scheduler.

3)Click on Task scheduler.

4)Under Actions, click Create Basic Task.

5)Provide a name OF the task (for example, Start-Process Monitor) and click Next.

Based on task frequency, click One time (or select a frequency depending on the nature of your issue).

6)Enter the time when you want the task to run ,click Next then select the date and time when you want to collect the procmon trace.

7)In " What action do you want the task to perform" , select Start a program and click Next.

8)Browse for the Process Monitor executable (procmon.exe). Add these arguments:

/accepteula /quiet /BackingFile <log path> (/accepteula /quiet /BackingFile D:\log.pml)

where <log path> is the path to the resulting log file (for example D:\log.pml)

9)Make sure you have enough disk space where you are saving the log file.

Click Next.

10) Check "Open the Properties dialog for this task when I click the Finish " check box and click on Finish.

The properties dialog is shown. Click Change User or Group, select SYSTEM, and click OK.

Now you need to create a task that stops Process Monitor :

(Kindly use the snippets from the above steps )

1)Open the Task Scheduler again.

2)Create a new basic task.

3)Provide a name for the task, for example, Stop-Process Monitor.

4)In When you want the task to start, click One time (or select a frequency depending on the nature of your issue).

5)Enter the time when you want the task to be stopped (for example, 30 minutes after starting Process Monitor) and click Next.

6)In What action do you want the task to perform, select Start a program and click Next.

Browse for the Process Monitor executable (procmon.exe).

Add this argument:

/terminate

Click Next.

7)Check "Open the Properties dialog for this task when I click the Finish " check box and click on Finish.

8)The properties dialog is shown. Click Change User or Group, select SYSTEM, and click OK.

See also

Did this answer your question?