Using WMI to monitor process creation, deletion and modification in .NET
"WMI is a powerful tool and I have just recently discovered some of its power. Previously I though the only way to detect process creation was by creating a windows hook but now I know it is fairly simple to due with .NET using the Windows.Management namespace.
Below is simple ProcessWatcher class that has events that are triggered when a process is created, deleted or modified. Enjoy! …"
Man, I dig WMI. It’s one of those technologies that you never seem to find the end of…
This is a cool C# example of using WMI eventing to track when processes come and go. Think writing your own Task Manager or auditing/logging/security tool…
Related Past Post XRef (I really wish Blogger natively supported tagging or categories… seems strange that a Google property doesn’t support tagging, does it?):
"Using Reflection in C# to print WMI object properties"
Management Strongly Typed Class Generator (Mgmtclassgen.exe)
ActiveWin.com - Scriptomatic 2.0
Download details: Do-It-Yourself Script Center Kit
I was afraid from[of] WMI (MgmtClassGen.exe)
How's My Driving? Monitoring Performance Using WMI
B i n k . n u | The Tweakomatic UtilMonitoring Application Health with WMI and .NET
No comments:
Post a Comment
NOTE: Anonymous Commenting has been turned off for a while... The comment spammers are just killing me...
ALL comments are moderated. I will review every comment before it will appear on the blog.
Your comment WILL NOT APPEAR UNTIL I approve it. This may take some hours...
I reserve, and will use, the right to not approve ANY comment for ANY reason. I will not usually, but if it's off topic, spam (or even close to spam-like), inflammatory, mean, etc, etc, well... then...
Please see my comment policy for more information if you are interested.
Thanks,
Greg
PS. I am proactively moderating comments. Your comment WILL NOT APPEAR UNTIL I approve it. This may take some hours...