I am developing a benchmarking tool on Windows that measures startup performance of a process. I have been recording total network traffic using the Get-AdapterStatistics | ConvertTo-JSON PowerShell cmdlet and it gives me good data:
- Record current network stats (sum all bytes sent/received for all adapters)
- Run my benchmark
- Record current network stats (sum all bytes sent/received for all adapters), display the difference
This works fine and I see a strong (0.8) correlation between process startup time and bytes sent. What I don’t know is which processes send the data. How do I get this data?
What have I considered?
- Windows Resource Monitor – it samples network traffic by process but doesn’t save it anywhere
- Sysinternals Procmon – too low-level, also a GUI so a pain to work with
- Microsoft Network Monitor 3 – comes with nmcap.exe and could work but trouble is that it actually captures packets which is terribly inefficient
- Wireshark – has stats, but doesn’t understand processes
Ideally, I’d like a command-line tool or an API that can either give me total network bytes per process between time A and time B.
Suboptimal is throughput sampling similar to Resource Monitor, but again I need a command-line tool or an API, because I am automating this.
References:
- Network Traffic per process/application windows – discusses in-proc instrumentation and packet captures
- Something that *logs* network/traffic/bandwidth usage per process? – old question that mentions a single commercial solution