[愚翁专栏]如何对系统中的某个进程进行监控

转载 2006年05月18日 20:08:00

最近看到一篇文章,就是如何对系统某个进程进行监控,并且当这个进程触发某些事件的时候,能进行相应。而且发现有人问这方面的问题,我就大致在其原有的基础进行如下的修改。

 

首先说明的一点,方法是基于WMI的。以下是我扩展类的代码说明:

//------------------------ProcessInfo Class------------------------------------

//-----------------------------------------------------------------------------

//---File:clsProcessInfo.cs

//---Description:This class demonstrates the use of WMI.

//                It provides a static method to query the list of running processes.

//                And it provides two delegated events binding specific application.

//---Author:Knight

//---Date:Mar.21, 2006

//-----------------------------------------------------------------------------

//----------------------{ ProcessInfo Class }----------------------------------

using System;

using System.Data;

using System.Management;       

using System.Diagnostics;

 

namespace WinProcess

{

    /// <summary>

    /// ProcessInfo class.

    /// </summary>

    public class ProcessInfo

    {

        // defenition of the delegates

        public delegate void StartedEventHandler(object sender, EventArgs e);

        public delegate void TerminatedEventHandler(object sender, EventArgs e);

       

        // events to subscribe

        public StartedEventHandler Started = null;

        public TerminatedEventHandler Terminated = null;

 

        // WMI event watcher

        private ManagementEventWatcher watcher;

 

        /// <summary>

        /// Construction that binds specific application with event declared

        /// </summary>

        /// <param name="LocalServerName"></param>

        /// <param name="appName"></param>

        public ProcessInfo( string appName)

        {

            // querry every 2 seconds

            string pol = "2";

 

            string queryString =

                "SELECT *" +

                "  FROM __InstanceOperationEvent " +

                "WITHIN  " + pol +

                " WHERE TargetInstance ISA 'Win32_Process' "  +                

                "   AND TargetInstance.Name = '" + appName + "'";

                               

            string scope = @"//127.0.0.1/root/CIMV2";

           

            // create the watcher and start to listen

            watcher  = new ManagementEventWatcher(scope, queryString);

            watcher.EventArrived += new EventArrivedEventHandler(this.OnEventArrived);         

            watcher.Start();

        }

 

        /// <summary>

        /// Destruction function

        /// </summary>

        public void Dispose()

        {

            watcher.Stop();

            watcher.Dispose();

        }

 

        /// <summary>

        /// Get all processes that running in local machine

        /// </summary>

        /// <returns></returns>

        public static DataTable RunningProcesses( )

        {

            // The second way of constructing a query

            string queryString =

                "SELECT Name, ProcessId, Caption, ExecutablePath" +

                "  FROM Win32_Process";

                               

            SelectQuery query = new SelectQuery(queryString);

            ManagementScope scope = new ManagementScope( @"//127.0.0.1/root/CIMV2" );

           

            ManagementObjectSearcher searcher = new ManagementObjectSearcher(scope, query);

            ManagementObjectCollection processes = searcher.Get();

           

            DataTable result = new DataTable();

            result.Columns.Add("Name", Type.GetType("System.String"));

            result.Columns.Add("ProcessId", Type.GetType("System.Int32"));

            result.Columns.Add("Caption", Type.GetType("System.String"));

            result.Columns.Add("Path", Type.GetType("System.String"));

           

            foreach(ManagementObject mo in processes)

            {

                DataRow row = result.NewRow();

                row["Name"] = mo["Name"].ToString();

                row["ProcessId"] = Convert.ToInt32(mo["ProcessId"]);

                if (mo["Caption"]!= null)

                    row["Caption"] = mo["Caption"].ToString();

                if (mo["ExecutablePath"]!= null)

                    row["Path"] = mo["ExecutablePath"].ToString();

                result.Rows.Add( row );

            }

            return result;

        }

 

        /// <summary>

        /// Get all processes that running in specific server

        /// </summary>

        /// <param name="sServerName"></param>

        /// <param name="sUserName"></param>

        /// <param name="sPassword"></param>

        /// <returns></returns>

        public static DataTable RunningProcesses(

            string sServerName,

            string sUserName,

            string sPassword )

        {

            // The second way of constructing a query

            string queryString =

                "SELECT Name, ProcessId, Caption, ExecutablePath" +

                "  FROM Win32_Process";

                               

            SelectQuery query = new SelectQuery(queryString);

 

            //Set connection parameters

            ConnectionOptions options = new ConnectionOptions();

            options.Username = sUserName;

            options.Password = sPassword;

           

            //Create management scope

            ManagementScope scope = new ManagementScope(

                string.Format( @"//{0}/root/CIMV2", sServerName ),

                options );

 

            //To connect

            try

            {

                scope.Connect();

            }

            catch( Exception err )

            {

                Debug.WriteLine( err.Message );

                return null;

            }

            catch

            {

                return null;

            }

 

            ManagementObjectSearcher searcher = new ManagementObjectSearcher(scope, query);

            ManagementObjectCollection processes = searcher.Get();

           

            DataTable result = new DataTable();

            result.Columns.Add("Name", Type.GetType("System.String"));

            result.Columns.Add("ProcessId", Type.GetType("System.Int32"));

            result.Columns.Add("Caption", Type.GetType("System.String"));

            result.Columns.Add("Path", Type.GetType("System.String"));

           

            foreach(ManagementObject mo in processes)

            {

                DataRow row = result.NewRow();

                row["Name"] = mo["Name"].ToString();

                row["ProcessId"] = Convert.ToInt32(mo["ProcessId"]);

                if (mo["Caption"]!= null)

                    row["Caption"] = mo["Caption"].ToString();

                if (mo["ExecutablePath"]!= null)

                    row["Path"] = mo["ExecutablePath"].ToString();

                result.Rows.Add( row );

            }

            return result;

        }

 

        /// <summary>

        /// Event handle function

        /// </summary>

        /// <param name="sender"></param>

        /// <param name="e"></param>

        private void OnEventArrived(object sender, System.Management.EventArrivedEventArgs e)

        {

            try

            {

                string eventName = e.NewEvent.ClassPath.ClassName;

                Debug.WriteLine( eventName );

 

                if (eventName.CompareTo("__InstanceCreationEvent")==0)

                {

                    // Started

                    if (Started!=null)

                        Started(this, e);

                }

                else if (eventName.CompareTo("__InstanceDeletionEvent")==0)

                {

                    // Terminated

                    if (Terminated!=null)

                        Terminated(this, e);

 

                }              

            }

            catch (Exception ex)

            {

                Debug.WriteLine(ex.Message);

            }

        }

       

    }

}

 

       大致类的说明如下:

1.  两个静态方法,是获得系统中所有进程(一个是获得本地;另一个是获得某个指定的服务器);

2.  OnEventArrived,事件响应函数,当根据事件类型来进行传递;

类的使用大致如下:

1.  获得本地系统中所有进程:

using WinProcess;

        DataTable dt = ProcessInfo.RunningProcesses( );

        dataGrid1.DataSource = dt;

 

2.  获得某个指定系统中所有进程:

using WinProcess;

        DataTable dt = ProcessInfo.RunningProcesses( Server, UserName, Psw );

        dataGrid1.DataSource = dt;

 

3.  监控某个程序并(以下是监控NotePad程序):

using WinProcess;

        private ProcessInfo notePad;

             

              //In your form load event

        notePad = new ProcessInfo("notepad.exe" );

        notePad.Started += new ProcessInfo.StartedEventHandler(this.NotepadStarted);

        notePad.Terminated += new ProcessInfo.TerminatedEventHandler (this.NotepadTerminated);

      

              //Define your event handle

        private void NotepadStarted(object sender, EventArgs e)

        {

            //Process start event

        }

        private void NotepadTerminated(object sender, EventArgs e)

        {

            //Process terminate event

        }

 

 

本来,想修改构造函数,使之能适应捕获到远程系统某个程序的事件,但是很不幸的是,捕获到的信息只是错误信息,其原因就是事件无法通过RPC获得,所以不得不放弃。


jmeter通过jmeter-plugins、jconsole对系统资源进行监控

Jmeter监控系统资源 Jmeter监听器选项不能满足我们对系统资源一些性能参数进行监控,我们可以通过jmeter的控件去对内存、CPU、磁盘I/O等性能进行监控; Jmeter-plugins...

Linux iostat --对系统磁盘操作进行监控 2013年7月4日

Linux系统中的 iostat是I/O statistics(输入/输出统计)的缩写,iostat工具将对系统的磁盘操作活动进行监视。它的特点是汇报磁盘活动统计情况,同时也会汇报出CPU使用情况。同...

十八.监控系统的负载和资源占用从而对系统进行保护(ngx_http_sysguard_module)

当swap的剩余百分比,剩下的内存,load值到设定的值时,就会跳转到action所指定的url。     server {         sysguard on;         s...

[Windows 监控]使用windows自带的工具去对某一进程实现监控,并取得这一进程对系统的资源使用情况

如何用windows自带的工具去监控某一进程对服务器资源的使用情况 通常情况下,我们会用LR去监控服务器的资源从而得到对系统并发时系统的资源使用情况。那么我们又如何使用windows自带的工具去对某...

使用UML对系统进行建模

  • 2012年05月22日 19:08
  • 495KB
  • 下载

监测并比对系统进程的DLL

  • 2012年01月18日 11:48
  • 3.99MB
  • 下载

Q146:PBRT-V3,对系统进行拓展(以添加一个新的Integrator为例)

本文的主要内容是:给PBRT-V3系统添加一个新的Integrator(比如,vcm),确保在编译PBRT-V3时能够编译到新添加的vcm文件,并能编译成功。 不含vcm的具体实现(必须实现的函数全...

UML需求建摸(对系统进行分解)

  • 2008年12月29日 10:52
  • 792KB
  • 下载

通过socket对系统端口进行扫描

设计图 实现 // PortScan.cpp : 定义控制台应用程序的入口点。 // //#include #include #include #pragma comment(lib,...
内容举报
返回顶部
收藏助手
不良信息举报
您举报文章:[愚翁专栏]如何对系统中的某个进程进行监控
举报原因:
原因补充:

(最多只允许输入30个字)