Thursday, July 16, 2009

New tool ProcDump

New from the Windows Sysinternals Team

ProcDump is a command-line utility whose primary purpose is to monitor an application for CPU spikes and generate crash dumps during a spike, which an administrator or developer can use to determine the cause of the spike. ProcDump also includes hung window monitoring (using the same definition of a window hang that Windows and Task Manager use) and unhandled exception monitoring. It can also serve as a general process dump utility that you can embed in other scripts.

Using ProcDump

usage: procdump [-c CPU usage [-u] [-s seconds] [-n exceeds]] [-h] [-e] [-ma] [-r] [-o] [[<process name or PID> [dump file]] | [-x <image file> <dump file> [arguments]]

-c CPU threshold at which to create a dump of the process.

-e Write a dump when the process encounters an unhandled exception.

-h Write dump if process has a hung window.

-ma Write a dump file with all process memory. The default dump format includes thread and handle information.

-n Number of dumps to write before exiting.

-o Overwrite an existing dump file.

-r Reflect (clone) the process for the dump to minimize the time the process is suspended (Windows 7 and higher only).

-s Consecutive seconds CPU threshold must be hit before dump is written (default is 10).

-u Treat CPU usage relative to a single core.

-x Launch the specified image with optional arguments.

To just create a dump of a running process, omit the CPU threshold. If you omit the dump file name, it defaults to <processname>.dmp.
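
The post notes that ProcDump can be embedded in other scripts. The PowerShell wrapper below is an added example, not part of the original post or Sysinternals code. It assumes procdump.exe is on PATH; the function name, parameter names and the process name MyService are hypothetical.

```powershell
# Added example: builds a procdump command line from the switches listed above.
# Assumption: procdump.exe is on PATH. All names here are hypothetical.
function Invoke-ProcDumpCapture {
    [CmdletBinding()]
    param(
        [Parameter(Mandatory)] [string] $Target,      # process name or PID
        [ValidateRange(1, 100)] [int] $CpuThreshold,  # -c
        [int] $Seconds,                               # -s (ProcDump default is 10)
        [int] $Count,                                 # -n
        [switch] $PerCore,                            # -u
        [switch] $OnException,                        # -e
        [switch] $OnHungWindow,                       # -h
        [switch] $FullMemory,                         # -ma
        [switch] $Overwrite,                          # -o
        [string] $DumpFile                            # optional dump file name
    )

    $hasCpu = $PSBoundParameters.ContainsKey('CpuThreshold')

    # In the usage line, -u, -s and -n are nested inside the -c group,
    # so reject them here when no CPU threshold was given.
    foreach ($name in 'Seconds', 'Count', 'PerCore') {
        if ($PSBoundParameters.ContainsKey($name) -and -not $hasCpu) {
            throw "-$name only applies together with -CpuThreshold"
        }
    }

    # Assemble arguments in the order the usage line gives them.
    $procArgs = @()
    if ($hasCpu) {
        $procArgs += '-c', $CpuThreshold
        if ($PerCore) { $procArgs += '-u' }
        if ($PSBoundParameters.ContainsKey('Seconds')) { $procArgs += '-s', $Seconds }
        if ($PSBoundParameters.ContainsKey('Count'))   { $procArgs += '-n', $Count }
    }
    if ($OnHungWindow) { $procArgs += '-h' }
    if ($OnException)  { $procArgs += '-e' }
    if ($FullMemory)   { $procArgs += '-ma' }
    if ($Overwrite)    { $procArgs += '-o' }
    $procArgs += $Target
    if ($DumpFile) { $procArgs += $DumpFile }

    Write-Verbose ('procdump ' + ($procArgs -join ' '))
    & procdump.exe @procArgs
}

# Up to three dumps of a hypothetical process that stays above 80% CPU for 5 seconds.
Invoke-ProcDumpCapture -Target 'MyService' -CpuThreshold 80 -Seconds 5 -Count 3 -Verbose
```

A dump written with -FullMemory (-ma) holds everything the process had in memory, so store the resulting files with the same access restrictions as the application's own data.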

get it here