About
Monitoring (i.e. reading performance metrics at an interval)
For traffic capturing, see Network - Trace (Capture|Sniffer|Analyzer) Tool (Packet Analysis)
Tools
NetHogs
nethogs. NetHogs is a small 'net top' tool. Instead of breaking the traffic down per protocol or per subnet, like most tools do, it groups bandwidth by process. Because NetHogs relies heavily on /proc, most features are only available on Linux.
Process
strace
OS - strace (Interactions between processes and the Linux kernel)
To start and monitor a new process:
strace -f -e trace=network -s 10000 PROCESS ARGUMENTS
To monitor an existing process with a known PID:
strace -p $PID -f -e trace=network -s 10000
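An added example, not part of the original page: a small Python parser that summarises the connect() calls found in `strace -f -e trace=network` output per PID and destination. The sample trace is constructed, and the function names (parse_connects, destinations_by_pid) are hypothetical.

```python
import re
from collections import Counter

# Constructed sample of `strace -f -e trace=network` output (not from a real host).
SAMPLE = r'''
socket(AF_INET, SOCK_STREAM|SOCK_CLOEXEC, IPPROTO_TCP) = 3
connect(3, {sa_family=AF_UNIX, sun_path="/var/run/nscd/socket"}, 110) = -1 ENOENT (No such file or directory)
[pid 4101] connect(3, {sa_family=AF_INET, sin_port=htons(443), sin_addr=inet_addr("192.0.2.10")}, 16) = 0
[pid 4101] sendto(3, "GET / HTTP/1.1\r\n", 16, MSG_NOSIGNAL, NULL, 0) = 16
[pid 4102] connect(4, {sa_family=AF_INET6, sin6_port=htons(53), sin6_flowinfo=htonl(0), inet_pton(AF_INET6, "2001:db8::1", &sin6_addr), sin6_scope_id=0}, 28) = 0
[pid 4101] connect(5, {sa_family=AF_INET, sin_port=htons(443), sin_addr=inet_addr("192.0.2.10")}, 16) = -1 EINPROGRESS (Operation now in progress)
[pid 4102] connect(6, {sa_family=AF_INET, sin_port=htons(8080), sin_addr=inet_addr("198.51.100.7")}, 16 <unfinished ...>
[pid 4102] <... connect resumed>) = -1 ECONNREFUSED (Connection refused)
'''

# Optional "[pid N]" prefix, then connect(fd, {sockaddr}, len, then whatever follows.
LINE = re.compile(r'^(?:\[pid\s+(?P<pid>\d+)\]\s+)?connect\(\d+, \{(?P<addr>.*)\}, \d+(?P<tail>.*)$')
INET = re.compile(r'sin_port=htons\((\d+)\), sin_addr=inet_addr\("([^"]+)"\)')
INET6 = re.compile(r'sin6_port=htons\((\d+)\).*inet_pton\(AF_INET6, "([^"]+)"')
UNIX = re.compile(r'sun_path=@?"([^"]*)"')
RESULT = re.compile(r'\)\s+=\s+(-?\d+)(?:\s+(E[A-Z]+))?')


def parse_connects(text):
    """Return one dict (pid, dest, status) per connect() call in strace output."""
    events = []
    for line in text.splitlines():
        m = LINE.match(line.strip())
        if not m:
            continue  # other syscalls and "<... connect resumed>" lines
        addr = m.group("addr")
        if (a := INET.search(addr)):
            dest = f"{a.group(2)}:{a.group(1)}"
        elif (a := INET6.search(addr)):
            dest = f"[{a.group(2)}]:{a.group(1)}"
        elif (a := UNIX.search(addr)):
            dest = f"unix:{a.group(1)}"
        else:
            dest = addr  # unknown address family: keep the raw sockaddr text
        r = RESULT.search(m.group("tail"))
        # EINPROGRESS is the normal result for a non-blocking socket, not a failure.
        status = "unfinished" if r is None else (r.group(2) or "ok")
        events.append({"pid": m.group("pid") or "-", "dest": dest, "status": status})
    return events


def destinations_by_pid(events):
    """Count connect() attempts per (pid, destination), skipping AF_UNIX sockets."""
    return Counter((e["pid"], e["dest"]) for e in events if not e["dest"].startswith("unix:"))
```

Calls that strace splits into `<unfinished ...>` and `<... connect resumed>` lines are reported with status "unfinished"; the resumed result is not correlated back to the call here.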
ProcMon
procmon can capture network events. Open the chm file.
Process Monitor uses Event Tracing for Windows (ETW) to trace and record TCP and UDP activity. Each network operation includes the source and destination addresses, as well as the amount of data sent or received, but does not include the actual data.
Scripting:
set PM=C:\sysint\procmon.exe
REM start ensures that the process detaches from the console window, which allows it to run concurrently with the later commands.
start %PM% /quiet /minimized /backingfile C:\temp\notepad.pml
REM /waitforidle causes the batch file to pause until the first instance is up and running and actively capturing events.
%PM% /waitforidle
start /wait notepad.exe
REM /terminate causes the first instance to stop capturing, commit any outstanding data to the backing file and exit cleanly.
%PM% /terminate
where start is the Dos - Start Command