Re: monitor performance counter for a specific pro...

barsuk1 · ‎11-27-2011

Hi,
Is there a way to do the subj. , i.e. to monitor performance counter of a specific process on Windows? Let's say I have some service process running on windows. I can add performance counter to it on Windows perfmon for example for the Processor Usage % (or whatever is available on Windows). However on Splunk "Local Performance Monitoring" I see only the system wide preformance counters?

dguimbellot2019 · ‎03-26-2019

i updated the wmi.conf to include this
[WMI:ProcessPath]
interval = 60
disabled = 0
index = default
wql = select Path, ProcessId from Win32_Process where Name like 'foobar%'

MHibbin · ‎11-27-2011

have you tried writing a custom script which outputs the data you require to stdout (or to a log file if you prefer)... and then add it as a scripted input for Splunk (of get Splunk to monitor the file you created with you custom script).

Ayn · ‎11-28-2011

Not out of the box, no.

barsuk1 · ‎11-28-2011

no I did not try, but I guess it is possible. however my question was if Splunk knows how to look at this counters by itself... so the answer here is probably NO?

monitor performance counter for a specific process

What You Read The Most: Splunk Lantern’s Most Popular Articles!

Announcing the General Availability of Splunk Enterprise Security 8.1!

Developer Spotlight with William Searle

Are you a member of the Splunk Community?

monitor performance counter for a specific process

What You Read The Most: Splunk Lantern’s Most Popular Articles!

Announcing the General Availability of Splunk Enterprise Security 8.1!

Developer Spotlight with William Searle