There are many blogs written about using Sysinternals Process Monitor for debugging software, computers and networks at an advanced level, but very few of the blogs actually explain how to go about simply attaching a process to the monitor. This blog will detail the steps to needed to attach a process to the monitor and should help people new to Process Monitor get started. Happy debugging!
Sysinternals Process Monitor
Create a simple C# windows form program to use as the process to which we will attach. The program reads some lines from an input file and writes them to an output file when a button is clicked.
1. Start the program to create the process. For the purposes of this blog, the program is called ReadWriteProgram.
2. Open the Task Manager. Right click on the process you want to debug and select properties. Highlight and copy its name as seen below.
3. Open Process Monitor. The filter dialog box will appear along with the main window. Paste in your process name. In the example below, the location shows ReadWriteProgram.exe. In the dropdown to the far left, select “Process Name.” Make sure “Include” is selected on the far right dropdown. Finally, click the “Add” button followed by “OK.”. The Process Monitor will now be running and waiting for the ReadWriteProgram.exe to do something.
4. Click the “Programs” button and the Process Monitor shows each read, write and close of the files being processed.