Historic blog. No longer active. See also http://horizontal-logic.blogspot.com for more PowerShell code. As of 2/27/2014 all scripts are PS 4.0.
Thursday, June 21, 2012
Charting Procmon network output with .NET 4.0 and Powershell
Lots to work out in this post. Powershell v 3.0 CTP2 or Beta. Procmon is Mark Russinovich's flagship tool for diagnosing Windows activity. It normally runs from the (admin) command prompt:
procmon /noconnect /nofilter /minimized /quiet
From Powershell admin prompt you can run thus:
start-process .\procmon.exe -arg '/LoadConfig JustNetwork.pmc','/quiet' -verb runas -window hidden
whereupon a hidden procmon would run in the background capturing network traffic, provided that you have exported the configuration 'JustNetwork.pmc' to your path. You can create this filter and export this configuration from the file menu.
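Once a hidden capture like the one above has been stopped and exported to CSV, the network events can be summarized per process and remote endpoint before charting. This is an added example, not code from the original post; the function name `Get-ProcmonNetworkSummary`, the file names `capture.pml` and `capture.csv`, and the sample rows are assumptions constructed for illustration.

```powershell
# Summarize a Procmon CSV export of network events per process and remote endpoint.
# Assumed export step (elevated prompt), after the hidden capture is stopped with
# 'procmon /Terminate':  procmon /OpenLog capture.pml /SaveAs capture.csv
function Get-ProcmonNetworkSummary {
    param([Parameter(Mandatory, ValueFromPipeline)] $Row)
    begin { $rows = @{} }
    process {
        # Network operations are named 'TCP Connect', 'UDP Send', and so on.
        if ($Row.Operation -notmatch '^(TCP|UDP) ') { return }
        # Path is 'local:port -> remote:port'; skip rows that do not fit.
        if ($Row.Path -match '^(?<local>.+?) -> (?<remote>.+)$') {
            $remote = $Matches['remote'] } else { return }
        # Detail starts with 'Length: <bytes>'; count 0 when it is absent.
        $bytes = [long]0
        if ($Row.Detail -match 'Length:\s*(?<n>[\d,.]+)') {
            $bytes = [long]($Matches['n'] -replace '\D', '')
        }
        $key = '{0}|{1}|{2}' -f $Row.'Process Name', $Row.PID, $remote
        if (-not $rows.ContainsKey($key)) {
            $rows[$key] = [pscustomobject]@{
                Process = $Row.'Process Name'; PID = $Row.PID
                Remote  = $remote; Events = 0; Bytes = [long]0
            }
        }
        $entry = $rows[$key]
        $entry.Events += 1
        $entry.Bytes  += $bytes
    }
    end { $rows.Values | Sort-Object Bytes -Descending }
}

# Constructed sample rows in Procmon's default CSV column layout (not real capture data).
$sample = @'
"Time of Day","Process Name","PID","Operation","Path","Result","Detail"
"10:01:02.1000000","updater.exe","4120","TCP Connect","ws01.example:49712 -> 192.0.2.10:https","SUCCESS","Length: 0, mss: 1460"
"10:01:02.3000000","updater.exe","4120","TCP Send","ws01.example:49712 -> 192.0.2.10:https","SUCCESS","Length: 517, startime: 1, endtime: 2"
"10:01:02.9000000","updater.exe","4120","TCP Receive","ws01.example:49712 -> 192.0.2.10:https","SUCCESS","Length: 4,096, startime: 1, endtime: 3"
"10:01:05.0000000","svchost.exe","1188","UDP Send","ws01.example:58211 -> 198.51.100.53:domain","SUCCESS","Length: 45"
"10:01:06.0000000","updater.exe","4120","RegOpenKey","HKLM\Software\Example","SUCCESS","Desired Access: Read"
'@ | ConvertFrom-Csv

$sample | Get-ProcmonNetworkSummary | Format-Table -AutoSize
```

To run it against a real capture, replace the sample with `Import-Csv .\capture.csv`; processes that talk to endpoints you do not recognize sort to the top when they move the most data.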
Saturday, June 9, 2012