programmatic access to total network bytes by a given process RRS feed

  • Question

  • When you launch Reliability and Performance Monitor tool in Win2K8 and select the top node (Reliability and Performance), you will see resource overview which includes data for CPU, Disk, Network & Memory. The Network section includes Image, PID, Address, Send (B/min), Receive (B/min) and Total (B/min) for each process. This is the part that is interesting to me. Where does windows get this information for a process by process? The performance object (Process) does not include the break down of IO for network. So my question, if I want to get this information, where can I get this info from through some windows API (WMI or perf counter or whatever)? Any help is greatly appreciated. Thanks.
    Wednesday, June 3, 2009 1:07 PM


  • Those network informaton come from the Kernel network events. There is no public API to get the exact data. We need to process kernel events to come up with such send, receive information.

    Thursday, June 4, 2009 1:07 AM