
Monitoring processes of the Windows OS using the C language

I want to make an application in C or C++ which has to monitor some specific processes. How can I make it possible in C?


You said that you have to monitor "some specific processes". If your application started the processes, you can extract the process handles from the PROCESS_INFORMATION structure (field hProcess) you passed to the CreateProcess function. If the process you want to track has been launched in some different way, you need the process' ID (PID), and use it as third argument of OpenProcess to obtain a handle. So you can use the WaitForSingleObject or WaitForMultipleObjects functions to wait for the process completion. Optionally you can obtain the process' exit code with the GetExitCodeProcess function. There are other ways by which an application can start a new process (e.g. by the _system() library function), but I strongly suggest using CreateProcess directly in your code, since you can control the child process' behaviour completely (e.g. you can select the priority, pass stdin/stdout/stderr handles, decide the startup window's characteristics...).

Suggested example: http://msdn.microsoft.com/en-us/library/ms682512%28VS.85%29.aspx


You start a process in Windows with the CreateProcess() function. It returns a HANDLE to the process in PROCESS_INFORMATION.hProcess. That handle will be signaled when the process terminates, allowing you to keep track of its lifetime. Use WaitForSingleObject() or WaitForMultipleObjects() to do so. There's a code sample available here...
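
The OpenProcess / WaitForSingleObject / GetExitCodeProcess sequence described in the two answers above, as an added example that is not code from the original posts. The `classify_wait` helper, the `proc_state` enum, the one-second poll interval and the command-line PID argument are assumptions made for illustration; the non-Windows branch exists only so the decision logic compiles elsewhere.

```c
#include <stdio.h>
#include <stdlib.h>
#ifdef _WIN32
#include <windows.h>
#else                       /* SDK values, so the decision logic builds anywhere */
typedef unsigned long DWORD;
#define WAIT_OBJECT_0 0x00000000UL
#define WAIT_TIMEOUT  0x00000102UL
#endif

typedef enum { PROC_RUNNING, PROC_EXITED, PROC_ERROR } proc_state;

/* Liveness is decided from the wait result, not from an exit code equal to
   STILL_ACTIVE (259): a process may legitimately exit with that value. */
proc_state classify_wait(DWORD wait_result)
{
    if (wait_result == WAIT_OBJECT_0) return PROC_EXITED;   /* handle signaled */
    if (wait_result == WAIT_TIMEOUT)  return PROC_RUNNING;  /* poll interval elapsed */
    return PROC_ERROR;                                      /* e.g. WAIT_FAILED */
}

#ifdef _WIN32
int main(int argc, char **argv)
{
    if (argc != 2) { fprintf(stderr, "usage: %s <pid>\n", argv[0]); return 2; }
    DWORD pid = (DWORD)strtoul(argv[1], NULL, 10);
    /* Request only the rights needed to wait and to read the exit code. */
    HANDLE h = OpenProcess(SYNCHRONIZE | PROCESS_QUERY_LIMITED_INFORMATION, FALSE, pid);
    if (h == NULL) { fprintf(stderr, "OpenProcess failed: %lu\n", GetLastError()); return 1; }

    /* The open handle keeps the process object alive, so the PID cannot be
       recycled for another process while we hold it. */
    proc_state s;
    while ((s = classify_wait(WaitForSingleObject(h, 1000))) == PROC_RUNNING)
        printf("pid %lu still running\n", pid);

    if (s == PROC_EXITED) {
        DWORD code = 0;
        if (GetExitCodeProcess(h, &code))
            printf("pid %lu exited with code %lu\n", pid, code);
    } else {
        fprintf(stderr, "wait failed: %lu\n", GetLastError());
    }
    CloseHandle(h);
    return s == PROC_EXITED ? 0 : 1;
}
#else
int main(void) { puts("Windows-only: build with a Windows toolchain."); return 0; }
#endif
```

To watch several processes at once, the same handles can be passed to WaitForMultipleObjects instead of polling each one.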


Before you write your own, have you looked at Process Monitor v2.8?

Process Monitor is an advanced monitoring tool for Windows that shows real-time file system, Registry and process/thread activity. It combines the features of two legacy Sysinternals utilities, Filemon and Regmon, and adds an extensive list of enhancements including rich and non-destructive filtering, comprehensive event properties such as session IDs and user names, reliable process information, full thread stacks with integrated symbol support for each operation, simultaneous logging to a file, and much more.


Boost.Process

sample for Win32 Platform.
