![]() ![]() ![]() Go to File -> Process Monitor Backing Files and select a Path.ģ. ![]() Download and Run the ProcMon tool as administrator. Set-up the test machines in such a way so that the issue can be reproduced easily.Ģ. These logs are required to capture the system events taking place during boot. This document describes the steps on how to collect ProcMon logs and Memory dump if the problem occurs during a system boot process (which means that it's generating BSODs at boot). Process Monitor is a free utility that can help us here. These logs will also be requested by Cisco TAC in order to troubleshoot such issues. Is there an appropriate way I should be setting the app up? I have it saving to a file rather than to the page file because I thought a log saved in the page file would be lost when the machine restarted.As a System Administrator, you may want to obtain detailed logs using the Process Monitor (procmon.exe) to determine, if the FireAMP connector experiences hangs during the computer startup process. I guess ProcMon had the log file open when the machine crashed, but I can't believe that such an important diagnostic tool, used and loved for years, wouldn't have crash resiliency. After the reboot (which is always successful), I checked the procmon log saved to disk, to find it corrupt. Then this morning, I brought it out of sleep, and the machine crashed again, not long before the logon screen would have been displayed, so the system background was displayed, and servicesĪnd apps would have been running. I started Procmon before I put the machine to sleep yesterday evening. The crash can happenĪt any point in the wake-up process up to the desktop being displayed. The Windows event viewer can see that the machine rebooted unexpectedly, but can't see a cause. I'm trying to use Procmon to diagnose a problem on a machine that crashes as it returns from an extended period in sleep/hibernation mode. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |