Trace Summary Tools
Process Monitor includes a number of dialogs that allow you to perform simple data mining on the events collected in a trace.
System Details
Process Monitor captures some information about the system on which it collects a trace, including the machine name, the system root path, and whether the OS is 32-bit or 64-bit. You can access this information, which Process Monitor stores in log files, from the System Details dialog in the Tools menu.
Count Occurrences
Open the Count Occurrences dialog from the Tools menu. It displays the unique values seen in a trace for the attribute type you specify along with the number of times in the trace an event contained the value.
Process Summary
This dialog summarizes the processes seen in the trace, including their process ID, image name, and command line.
File Summary
The File Summary dialog lists each unique file system path present in the filtered trace, the amount of time spent performing I/O to the file, total number of events that referenced the path, and the count of individual operation types.
Registry Summary
The Registry Summary dialog lists each unique Registry path present in the filtered trace, the amount of time spent performing I/O to the Registry path, total number of events that referenced the path, and the count of individual operation types.
Network Summary
The Network Summary dialog lists each unique destination IP address present in the filtered trace and the number different types of events, including sends and receives, to each address.
Stack Summary
Use the Stack Summary dialog to see individual instances of stack traces for each process, including the number of times the stack trace occurs and the total time spent in events that share the same trace.
Cross Reference Summary This dialog shows the paths that are written by one process and read by another one.