Tuesday, April 7, 2015

dump - PowerShell Script with Procdump

So I have a system that runs pretty slow at night when running a report. I've configured Performance Monitor to monitor the system. What I'm finding out is there is a process that is tying up all the CPU. I'm wanting to write a PowerShell script that takes a memory dump of the process id when a performance counter is hit. This is what I have so far:


$programid = (Get-Process | Sort-Object CPU -desc | Select-Object -index 1 | Format-Table Id -Autosize -hidetableheader)
$app = "C:\procdump\procdump.exe"
$argument1 = '-ma'
$argument2 = 'c:\appdumps\ -accepteula'
& $app $argument1 $programid $argument2

When I run the script, I get the following result:


& $app $argument1 $programid $argument2
ProcDump v7.1 - Writes process dump files
Copyright (C) 2009-2014 Mark Russinovich
Sysinternals - www.sysinternals.com
With contributions from Andrew Richards
Monitors a process and writes a dump file when the process exceeds the
specified criteria or has an exception.
usage: procdump [-a] [[-c|-cl CPU usage] [-u] [-s seconds]] [-n exceeds] [-e [1] [-b]] [-f ] [-g] [-h] [-l]
[-m|-ml commit usage] [-ma | -mp] [-o] [-p|-pl counter threshold] [-r [1..5]] [-t] [-d ] [-64]
<[-w] [dump file] | -i [dump folder] | -u | -x [arguments] >
-a Avoid outage. Requires -r. If the trigger will cause the target
to suspend for a prolonged time due to an exceeded concurrent
dump limit, the trigger will be skipped.
-b Treat debug breakpoints as exceptions (otherwise ignore them).
-c CPU threshold above which to create a dump of the process.
-cl CPU threshold below which to create a dump of the process.
-d Invoke the minidump callback routine named MiniDumpCallbackRoutine
of the specified DLL.
-e Write a dump when the process encounters an unhandled exception.
Include the 1 to create dump on first chance exceptions.
-f Filter on the content of exceptions and debug logging.
Wildcards (*) are supported.
-g Run as a native debugger in a managed process (no interop).
-h Write dump if process has a hung window (does not respond to
window messages for at least 5 seconds).
-i Install ProcDump as the AeDebug postmortem debugger.
Only -ma, -mp, -d and -r are supported as additional options.
Uninstall (-u only) restores the previous configuration.
-l Display the debug logging of the process.
-m Memory commit threshold in MB at which to create a dump.
-ml Trigger when memory commit drops below specified MB value.
-ma Write a dump file with all process memory. The default
dump format only includes thread and handle information.
-mp Write a dump file with thread and handle information, and all
read/write process memory. To minimize dump size, memory areas
larger than 512MB are searched for, and if found, the largest
area is excluded. A memory area is the collection of same
sized memory allocation areas. The removal of this (cache)
memory reduces Exchange and SQL Server dumps by over 90%.
-n Number of dumps to write before exiting.
-o Overwrite an existing dump file.
-p Trigger on the specified performance counter when the threshold
is exceeded. Note: to specify a process counter when there are
multiple instances of the process running, use the process ID
with the following syntax: "\Process(_)\counter"
-pl Trigger when performance counter falls below the specified value.
-r Dump using a clone. Concurrent limit is optional (default 1, max 5).
CAUTION: a high concurrency value may impact system performance.
- Windows 7 : Uses Reflection. OS doesn't support -e.
- Windows 8.0 : Uses Reflection. OS doesn't support -e.
- Windows 8.1+: Uses PSS. All trigger types are supported.
-s Consecutive seconds before dump is written (default is 10).
-t Write a dump when the process terminates.
-u Treat CPU usage relative to a single core (used with -c).
As the only option, Uninstalls ProcDump as the postmortem debugger.
-w Wait for the specified process to launch if it's not running.
-x Launch the specified image with optional arguments.
If it is a Store Application or Package, ProcDump will start
on the next activation (only).
-64 By default ProcDump will capture a 32-bit dump of a 32-bit process
when running on 64-bit Windows. This option overrides to create a
64-bit dump. Only use for WOW64 subsystem debugging.
Use the -accepteula command line option to automatically accept the
Sysinternals license agreement.
Use -? -e to see example command lines.
If you omit the dump file name, it defaults to _.dmp.

If I run this command manually:


C:\procdump>procdump.exe -ma 5264 c:\appdumps\ -accepteula

I get this output:


ProcDump v7.1 - Writes process dump files
Copyright (C) 2009-2014 Mark Russinovich
Sysinternals - www.sysinternals.com
With contributions from Andrew Richards
[12:25:06] Dump 1 initiated: c:\appdumps\notepad.exe_151212_122506.dmp
[12:25:07] Dump 1 writing: Estimated dump file size is 53 MB.
[12:25:07] Dump 1 complete: 53 MB written in 1.0 seconds
[12:25:08] Dump count reached.

I know the command works, just wondering what isn't getting passed correctly. Is there a way to set up a log to determine what exactly is being passed to procdump when it runs?
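
An added example, not part of the original post: one way to see what the script actually hands to ProcDump, and to pass it a plain process ID with one array element per command-line token. The log file location and variable names are assumptions; the ProcDump path, dump folder and switches are the ones used in the post.

```powershell
# Added example (not from the original post).
$procdump = 'C:\procdump\procdump.exe'   # path used in the post
$dumpDir  = 'C:\appdumps\'               # dump folder used in the post
$logFile  = Join-Path $env:TEMP 'procdump-invoke.log'   # assumed log location

# 1. Inspect what the original pipeline returns. Format-Table emits
#    formatting objects meant for the console, not the Id value; handed to a
#    native program they are converted to strings (their type names).
$formatted = Get-Process | Sort-Object CPU -Descending |
    Select-Object -Index 1 |
    Format-Table Id -AutoSize -HideTableHeaders
$formatted | ForEach-Object { $_.GetType().FullName }

# 2. Read the Id property directly instead. -First 1 is the top entry;
#    -Index 1 is the second one, because indexes start at 0.
#    Note: the CPU property is cumulative processor time in seconds.
$target = Get-Process | Sort-Object CPU -Descending | Select-Object -First 1
[int]$procId = $target.Id

# 3. One array element per token. A single string such as
#    'c:\appdumps\ -accepteula' reaches ProcDump as ONE quoted argument,
#    so the folder and the switch are never seen separately.
$dumpArgs = @('-accepteula', '-ma', $procId, $dumpDir)

# 4. Log the exact command line before running it, then append ProcDump's
#    own output to the same file.
$line = '{0:s} {1} {2}' -f (Get-Date), $procdump, ($dumpArgs -join ' ')
Add-Content -Path $logFile -Value $line

& $procdump @dumpArgs 2>&1 | Tee-Object -FilePath $logFile -Append
```

A `-ma` dump contains all of the process's memory, so the dump folder should be readable only by the administrators who analyse it. The usage text above also lists ProcDump's own `-c` and `-s` options for triggering on a CPU threshold.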
