ATTENTION: You are viewing a page formatted for mobile devices; to view the full web page, click HERE.

Main Area and Open Discussion > General Software Discussion

Log CPU and memory usage

(1/3) > >>

Here's a basic question for everybody.

What should I use if I want to log (to a text file) the processes that use the most cpu and ram? Say every 5 minutes a text file is appended with top 5 process names with as much info about the usage as possible.

This is for both XP and 7 computers, something that can be set and forgotten. Then days later I open the log file to check.


I'm going out on a limb and ask you why this is important to have. The amount of Virtual Memory allocated by a process doesn't represent the amount of 'physically' takes up in your RAM, so while high numbers may show you there is a bad memory leak or greedy memory usage in a program, it won't mean anything with regards to 'improving' your computers performance. It's like profiling a cars performance by blindly gauging its speed and fuel left in the tank, not keeping in mind whether you are inside a city, stopped at a traffic light, or whether you may have a caravan hooked up.

Most likely, you have a specific issue, causing bad performance in a certain situation and you want to know what causes it. In general, the Sysinternals programs have a lot of diagnostic tools that can help you with this kind of issue. Download the whole suite, and unzip them somewhere of your liking (mine go into C:\Programs\Sysinternals); they're a pretty useful bunch all around. The majority you'll (almost) never use, some you'll end up using daily.

Autoruns won't help your situation too much, but it basically msconfig on steroids. Most places where programs can hook into your computer and slow it down is listed inside of it, and you can either disable or delete items to try and improve your computers performance.

Process Explorer is a replacement for Task Manager. Just get it. Seriously. GET IT. It's the powertool of process management, showing you so much ******* shit about all of your proceses that 99% of the time you'll find a very strong clue, if not direct cause, to what is causing your computer to slow down. If you keep it running in the tray, you can pop it up at any time and see the processes recent behaviour with regards to CPU, Memory and I/O. It's very easy to see which processes keep hammering your computer every few seconds, for example. The first thing I do after I reinstall Windows is to replace Task Manager with this program; it is really THAT useful.

Process Monitor is basically a logger such as the one you are looking for. However, it is also the most cumbersome to use. Why? Because it logs ****** everything. A program accessing a single value inside the Registry tends to cause multiple log entries, for example. It tracks all processes. Having it running for five seconds can easily give you 10,000 lines of diagnostic information. On a good note, it has a very powerful filtering system, so after you are done capturing it (or before you start), you can just hide everything you don't want logged. This tends to not focus on memory or cpu, but rather on actions performed. If a process stalls, you can easily spot it because the timestamps will show a gap, and Process Monitor more than likely shows what the program was doing right before or after that. All around though, this thing is like a needle in a haystack, and requies a fair bit of effort, especially if you lack experience with it.

RamMap is a kind of Process Explorer, focusing only on the memory usage at a specific point in time. Much of the simple information is stuff Process Explorer also offers, but the views in this are far better for comparing the behaviour in which its memory is used.

VMMap basically dissects a running process, showing you exactly what 'health' it was in at a certain point in time. It's basically RamMap, except it is focused on one process as opposed to being focused on your entire machines memory situation. It isn't very useful for an end-user, although it can sometimes give clues towards certain behaviour. Basically, it shows you how much memory it uses and what kind of purpose and traits it holds. For experienced users, it can be useful for spotting malware or securty holes in software.

In general, the last two or even three one are not something you want or need to use. Sometimes really extreme numbers can totally tell you what is wrong: a driver reserving tons of memory and preventing applications from using it, programs polling the registry every second, thousands of ever-increasing handles being consumed by processes: stuff like that which is otherwise hard to diagnose can become really visible with these tools.

Thanks for the details. This is not for my computer(s) and I am more interested in the general state of the system - at regular intervals - without worrying about specifics like memory leaks. That is why I wanted to have a look at it in a snapshots sort of way (checking process names and some details 'later'), without necessarily running something like Process Monitor. Personally haven't ever used RamMap or VMMap, I will have a look.

The problem is that there is no such thing as the general state of a system. Tons of things affect performance. Process Explorer shows the biggest troublemakers in its graphs: CPU, Memory, I/O and Network usage. If those are consistently in action while a computer is idle, that is probably the biggest common denominators you can check for for your usecase.

But I still feel uneasy with your snapshot mindset; I just don't know what it will get you. You won't find enough information to tell you what is wrong, unless the problem hangs around until you come to check in on it, in which case you didn't need the snapshot to begin with.

I've had a use for VMMap and RamMap a couple of times while virus & malware hunting in the last several years. They're tools I rarely use, but they're pretty damn useful once you know what you're looking for. :-)

Anyhow, I'll assume you know what you want best. As a computer problem solver, I just can't help but shake off the feeling that you'll end up with (a lack of) information that will make it relatively useless to you to use.

Shouldn't generic but very capable tools like Nagios be able to track changing states like memory or I/O usage and log/alert about it?


[0] Message Index

[#] Next page

Go to full version