Long term monitoring

CEHJ
CEHJ used Ask the Experts™
on
I need to isolate some problems with a Win 7 box maxing out its CPU from time to time and basically becoming unresponsive to the user's demands. This could be over several days.
I want to be able to look at the stats and say to myself somthing like:  "I see Foo.exe regularly maxes out the CPU and takes a lot of memory too"
At the same time, i want to avoid things like:

producing a log file of the kind of size that becomes a problem
producing stats that are difficult to analyze
producing stats that are not relevant

I haven't done this before and am not sure what tool to use. I've perused things like Perfmon and xperf
Comment
Watch Question

Do more with

Expert Office
EXPERT OFFICE® is a registered trademark of EXPERTS EXCHANGE®
JohnBusiness Consultant (Owner)
Most Valuable Expert 2012
Expert of the Year 2018

Commented:
As a first try, and with on-board software, open Resource Monitor (Admin Tools) and click on the CPU tab. It shows CPU usage over time.

You could set it up and ask users to alert you when CPU is high.
Top Expert 2016

Author

Commented:
No, i think that's not really practicable. They are not technical and there's not much i can do if they notice this (which they might not) if they telephone me.
Lee W, MVPTechnology and Business Process Advisor
Most Valuable Expert 2013
Commented:
i would say perfmon - BUT - does that make sense - how much time are you going to put into troubleshooting this compared to a clean install?
Microsoft Azure 2017

Azure has a changed a lot since it was originally introduce by adding new services and features. Do you know everything you need to about Azure? This course will teach you about the Azure App Service, monitoring and application insights, DevOps, and Team Services.

JohnBusiness Consultant (Owner)
Most Valuable Expert 2012
Expert of the Year 2018

Commented:
Performance Monitor lets you collect data but there is a bit of setup to get you going.
Top Expert 2016

Author

Commented:
how much time are you going to put into troubleshooting this compared to a ...
Good point. Am hoping to find one rogue process ;)
JohnBusiness Consultant (Owner)
Most Valuable Expert 2012
Expert of the Year 2018

Commented:
For finding a rogue process , I often use Process Explorer (good tool).

Look down under Explorer (left side tree) as a starting point.

Now look for strange alpha numeric processes. Kill these, do not restart, run Malwarebytes to keep up the problems. When it is done, restart and test.
Top Expert 2016

Author

Commented:
For finding a rogue process , I often use Process Explorer (good tool).

You're missing the point John - i shall not be at the box. Also, i don't mean 'rogue' as in malware, but as in badly behaved
JohnBusiness Consultant (Owner)
Most Valuable Expert 2012
Expert of the Year 2018

Commented:
I find most badly behaved software (e.g. mixing Symantec Endpoint with Windows Defender when upgrading to Windows 10) shows up right away.

I do not know (beyond what we discussed here) what will show you CPU spikes on a long term basis.
Top Expert 2016

Author

Commented:
This question is not abandoned. I'm still waiting from someone experienced in absent, lengthy process monitoring. If that someone doesn't arrive, i shall close it as unanswered
Lee W, MVPTechnology and Business Process Advisor
Most Valuable Expert 2013

Commented:
Perfmon is a perfectly valid answer given that it logs data and allows it to analyzed.  Difficult to analyze means suggests you don't want to spend the proper time learning how to use it.
Top Expert 2016

Author

Commented:
Well, of course, it was i that mentioned Perfmon. I would like to hear from people who have carried out what i want to do
"Batchelor", Developer and EE Topic Advisor
Top Expert 2015
Commented:
Sadly I cannot remember exactly how to do it, but PerfMon allows to set up start collecting a set of stats based on events, like "CPU > 80 % for 5 minutes", running for a certain period. That should allow for "post-mortem" analysis without having too much on the table.
Hi cehj,

What you really need is a profiling tool to show you where the hotspots are in the code.  There are two natural choices; Windows Performance Toolkit (WPT) and PerfView.  Both are Microsoft tools and free for download.

There is a minor drawback with WPT; during recording you need to disable Executive Paging, and it can be tricky getting Change Control permission to do that.  There is no noticeable impact.  I've been running my laptop with Executive Paging disabled for about 6 months and I haven't noticed any difference.

From a practical point of view, WPT would probably be favorite for you as the recorder (WPR) can be run in command line mode and so you could simply set it up as a Scheduled Task on a users PC.  However, I have to say I really like PerfView for analysis.  Luckily you can capture with WPR and analyse with PerfView if you want.

Both tools can run in a ring buffer mode.  Obviously, you'll need to test it and you'll need to put in place a procedure that needs to be followed when the problem occurs.

There are a good sequence of videos covering WPT on Microsoft's Channel 9 - see https://channel9.msdn.com/Shows/Defrag-Tools/Defrag-Tools-39-Windows-Performance-Toolkit

For PerfView, again it's Channel 9 - see https://channel9.msdn.com/Series/PerfView-Tutorial

They even cover analysis of hot code!

Best regards...Paul

Do more with

Expert Office
Submit tech questions to Ask the Experts™ at any time to receive solutions, advice, and new ideas from leading industry professionals.

Start 7-Day Free Trial