Skip to main content

Qlik

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

How can I monitor I/O activity on a specific file or folder in Windows?

No ratings
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Sonja_Bauernfeind
Digital Support
Digital Support

How can I monitor I/O activity on a specific file or folder in Windows?

Last Update:

Nov 19, 2020 11:57:10 AM

Updated By:

Andre_Sostizzo

Created date:

Sep 29, 2017 10:18:41 AM

It may be necessary to monitor I/O activity on a specific file or folder in Windows to:

  • Identify reasons for file corruption
  • Service failures
  • Task failures
  • etc...

 

Resolution:

 

Use Windows Sysinternals Process Monitor utility. (a.k.a. Procmon)

For example, download http://download.sysinternals.com/Files/ProcessMonitor.zip and extract procmon.exe to a directory in your PATH such as C:\Windows. Or copy it to a new directory named C:\Sysinternals and add that to your PATH. Or simply run procmon.exe by clicking here http://live.sysinternals.com/procmon.exe

To monitor a specific file or directory, set up a filter in Process Monitor as follows:

  1. Run procmon.exe
  2. Immediately press the magnifying glass toolbar button or disable "Capture Events" from the File menu (Ctrl-E)
  3. Press the "Clear" toolbar button or "Clear Display" from the Edit menu (Ctrl-X)
  4. To narrow the types of events to be captured click each of the rightmost toolbar buttons (except for the file cabinet) so they appear flush with the toolbar. Leave the file cabinet button pressed so that Process Monitor will show file system activity.
  5. Select "Filter..." from the Filter menu
  6. Press the Reset button if it is enabled
  7. In the filter fields, select "Path" "is" and then type into the entry field the local disk or UNC path name for the directory you want to monitor (e.g. c:\data or \\myserver\mydir). Select "Include", press Add, Apply, OK.
  8. Enable "Capture Events" (Ctrl-E) to watch the I/O activity in the specified directory.
  9. For other procmon options when capturing for extended periods, see File Access and Process Monitoring - How to find locked files and the processes locking them 

 

If you are diagnosing a problem such as "Access is denied", as soon as it occurs disable "Capture Events" and search back through the log to see what other process has accessed the file.

Select Find... from the Edit menu to search for a particular filename.

Note that you can save the log in various formats by selecting Save... from the File menu. Save the log in .PML format if you want to reopen it with Process Monitor.

For more information about Windows Sysinternals visit http://technet.microsoft.com/en-us/sysinternals/default.aspx

Related Content:

Labels (2)
3,718 Views
Was this article helpful? Yes No
Version history
Last update:
‎2020-11-19 11:57 AM
Updated by:
Digital Support