如何监控进程?使用 C# 进行 IO 活动?
使用 FileSystemWatcher,我们可以监视特定文件系统的 IO 活动,但是是否有办法知道哪个正在运行的进程导致了该 IO?
更具体地说,假设一个正在运行的进程即。 abc.exe 正在驱动器 D 上创建文件 text.txt。我们可以使用 FileSystemWatcher 监视驱动器 D 中是否已创建名为 text.txt 的文件,但我们能否以编程方式确定名为 abc.exe 的进程正在创建该特定文件在D盘?
Using FileSystemWatcher we can monitor the IO activity of a particular file system, but is there anyway to know that which one of the running processes is causing that IO?
More specifically, suppose a running process viz. abc.exe is creating a file text.txt on drive D. We can monitor that a file named text.txt has been created in drive D using FileSystemWatcher, but can we determine programmatically that a process named abc.exe is creating that particular file in drive D?
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(3)
SysInternals 的
handle.exe是一个命令行工具,允许以编程方式访问打开特定文件或目录的程序。产生以下输出:
可以通过编程方式解析。
http://technet.microsoft.com/en-us/sysinternals/bb896655.aspx
handle.exefrom SysInternals is a command line tool that allow programmatic access to which program has a particular file or directory open.Produces this output:
Which can be parsed programmatically.
http://technet.microsoft.com/en-us/sysinternals/bb896655.aspx
不,这是不可能的。 FSW 位于文件系统驱动程序堆栈中非常低的级别。它只能知道文件系统正在被修改,但不知道被谁修改。这很大程度上是设计使然,它可能是一个位于世界另一端的过程,使用互联网上的 VPN 连接来使用文件共享。对于您的要求,没有合理的替代方案。
No, this is not possible. FSW sits at a very low level in the file system driver stack. It can only tell that the file system is getting modified, it doesn't know by whom. This is very much by design, it might be a process that sits half-way across the world, using a VPN connection over the internet to use a file share. There is no reasonable alternative for your request.
我建议使用 SysInternals 实用程序来实现此目的,而不是自行开发实用程序。
http://technet.microsoft.com/en-us/sysinternals/bb842062.aspx
I would recommend SysInternals utilities for this rather than rolling your own.
http://technet.microsoft.com/en-us/sysinternals/bb842062.aspx