Use Process monitor to monitor another server's processes?

In a nutshell, i would like to use sysinternal process monitor to actually monitor a process that maybe terminating and acting abnormally from my client machine.  Reason being, the last time we ran process monitor on this machine, it tended to hog all the resources and even required us to restart the server to clear up some issues that we had while process monitor was being run on the server.

I'd like to have another go at it, installing process monitor and running on my machine, but can I use process monitor to remotely connect to the server in question in order monitor the processes mentioned?
sparky321Asked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

NVITCommented:
0
sparky321Author Commented:
@newvillageIT Not quite what I want to accomplish.  Seems like the resource talks of dumping to a log file on the remote station e.t.c.  What i'd like is to monitor the process of the remote station in real time, but placing the 'load' on my machine from running process monitor.
0
NVITCommented:
As far as the load, I think it depends partly on the process and the monitoring options you've chosen. How frequently it records is one factor.
0
Has Powershell sent you back into the Stone Age?

If managing Active Directory using Windows Powershell® is making you feel like you stepped back in time, you are not alone.  For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why.

sparky321Author Commented:
Yes, the process monitor will be filtered down considerably which is a good point.  How to connect this up to the remote station and monitor real time from my machine is what i'm trying to accomplish.
0
QlemoBatchelor, Developer and EE Topic AdvisorCommented:
The load is caused by not having set up a good filter at startup, and keep all events, even if filtered.
Watching remotely wouldn't help with that, the main issue is with collecting info. And you can't do that anyway.

Start ProcMon with /NoConnect /Quiet. This prevents the filter dialog popup and ProcMon starting to collect immediately.
Tick Filter » Drop Filtered Events.
Make sure to deselect any of the right 5 icons but the Show Process And Thread Activity, which is the last but one.
Set the filter to that specific process to monitor ("Process Name", "is", ...).
For easier startup you might want to export the configruation for later use (use with /LoadConfig ...
Now you can start monitoring.
0
sparky321Author Commented:
Ok @Qlemo this will definitely help.  I'll go with your suggestions.  Can you confirm that you are saying that process monitor cannot monitor a remote server in real time?  If not, will just run locally on that station again and minimize on the data / info. collecting.
0
QlemoBatchelor, Developer and EE Topic AdvisorCommented:
Yes, there is no remote monitoring option.
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
PaulOffordCommented:
The usual cause of a performance hit is if the log is backed with virtual memory.  Quite quickly the page file gets thrashed causing queuing on the C: drive.  Dropping filtered events certainly helps but we overcome the issue by outputting the log data to a separate drive.  A USB attached drive works a treat if you can attach one to your server.
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Windows 7

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.