How to collect data about processes' network activity?












4















Windows has the Performance Monitor and Data Collector Sets features. Apparently, they can log all system information.

I want to know how much data, per process name, per remote IP address, was received and sent by my Windows box.

Unfortunately, there are numerous performance counters and an unintuitive interface, so I can't deduce how to collect the data I want.










      windows networking performance performance-monitor
















      asked Aug 30 '13 at 21:44









      Suzan Cioc























          2 Answers
                Microsoft Network Monitor lets you view the traffic in a tree view. Top is traffic versus other traffic. Next level is the processes; for each process all IPs are listed, and for each IP all connections are listed. See the image below for how that looks.

                Unfortunately, I did not see how to get the number of bytes sent per process or IP or connection.

                Microsoft Network Monitor Screenshot

















                answered Oct 23 '13 at 11:18









                Werner Henze


























                    Good question.

                    Download Process Explorer from Windows Sysinternals, which is a free and good tool that shows you which process makes an IP connection on which port.

                    Also download Wireshark, which is a free utility, and run it to obtain statistics of the network traffic on network ports such as UDP, HTTP, SMTP, etc.

                    You can connect these two statistics to see which application sends which traffic. If you have a second computer, you can also use a TAP to look into your network connection.















                    edited Oct 23 '13 at 12:32









                    Ashildr











                    answered Oct 23 '13 at 11:02









                    user266169














                    • I don't see any network related features in Process Explorer from SysInternals. Maybe you meant TCPView from SysInternals.

                      – user2518618
                      Sep 14 '16 at 22:04
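
One way to do the correlation the second answer describes, as an added example that is not from any poster on this page: join a connection table that carries the owning PID (the column layout of `netstat -ano`) with per-packet rows exported from a capture, and sum bytes per process name and remote IP. The sample data, process names and function names are all constructed for illustration.

```python
import csv
import io
from collections import defaultdict

# Constructed sample in the column layout of `netstat -ano`: proto, local, remote, state, PID.
NETSTAT = """\
  TCP    192.168.1.10:50123     203.0.113.5:443      ESTABLISHED     4120
  TCP    192.168.1.10:50124     203.0.113.5:443      ESTABLISHED     4120
  TCP    192.168.1.10:50200     198.51.100.7:25      ESTABLISHED     7788
"""
# Constructed PID -> image name map (hypothetical process names).
PROCESSES = {4120: "browser.exe", 7788: "mailer.exe"}
# Constructed packet rows, tab-separated: src ip, src port, dst ip, dst port, frame bytes.
PACKETS = (
    "192.168.1.10\t50123\t203.0.113.5\t443\t600\n"
    "203.0.113.5\t443\t192.168.1.10\t50123\t1500\n"
    "192.168.1.10\t50124\t203.0.113.5\t443\t200\n"
    "192.168.1.10\t50200\t198.51.100.7\t25\t900\n"
    "198.51.100.7\t25\t192.168.1.10\t50200\t100\n"
    "192.168.1.10\t50999\t192.0.2.44\t53\t80\n"
)

def parse_netstat(text):
    """Return {(local_ip, local_port, remote_ip, remote_port): pid} for TCP rows."""
    conns = {}
    for line in text.splitlines():
        fields = line.split()
        if len(fields) == 5 and fields[0] == "TCP":
            local_ip, local_port = fields[1].rsplit(":", 1)
            remote_ip, remote_port = fields[2].rsplit(":", 1)
            conns[(local_ip, int(local_port), remote_ip, int(remote_port))] = int(fields[4])
    return conns

def bytes_per_process(conns, names, packets_text):
    """Sum frame bytes per (process name, remote IP); also return unattributed bytes."""
    totals = defaultdict(lambda: {"sent": 0, "received": 0})
    unattributed = 0
    for row in csv.reader(io.StringIO(packets_text), delimiter="\t"):
        src, sport, dst, dport, size = row[0], int(row[1]), row[2], int(row[3]), int(row[4])
        if (src, sport, dst, dport) in conns:      # local endpoint is the source
            pid, remote, direction = conns[(src, sport, dst, dport)], dst, "sent"
        elif (dst, dport, src, sport) in conns:    # local endpoint is the destination
            pid, remote, direction = conns[(dst, dport, src, sport)], src, "received"
        else:
            # No matching row: a connection the snapshot missed, or UDP (no remote endpoint listed).
            unattributed += size
            continue
        totals[(names.get(pid, f"pid {pid}"), remote)][direction] += size
    return dict(totals), unattributed
```

Frame lengths include protocol headers, and a single connection snapshot misses short-lived connections, so watch the unattributed total to judge how complete the attribution is.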


















