检索进程网络使用情况
如何获取进程发送/接收字节? 首选方法是使用C#。
我搜索了很多,但我没有找到任何简单的解决方案。 一些解决方案建议在机器上安装WinPCap并使用此lib。
喜欢这个人问: 在托管代码中需要“具有网络活动的进程”function – 就像resmon.exe一样,我不想要lib的开销。
有一个简单的解决方案吗? 实际上我想要Windows资源监视器在“带网络活动的进程”选项卡下提供的确切数据: 
Windows的资源监视器如何获取此信息? 任何例子?
此外,尝试使用此处提到的计数器方法: 发送/接收的网络丢失但没有成功 – 因为并非每个进程都显示在此计数器下。 我再次想知道资源监视器如何在不使用此计数器的情况下获取此信息…
资源监视器使用ETW – 幸运的是,Microsoft已经创建了一个很好的nuget .net包装器 ,使其更易于使用。
我最近写了这样的东西来报告我的进程的网络IO:
using System; using System.Diagnostics; using System.Threading.Tasks; using Microsoft.Diagnostics.Tracing.Parsers; using Microsoft.Diagnostics.Tracing.Session; namespace ProcessMonitoring { public sealed class NetworkPerformanceReporter : IDisposable { private DateTime m_EtwStartTime; private TraceEventSession m_EtwSession; private readonly Counters m_Counters = new Counters(); private class Counters { public long Received; public long Sent; } private NetworkPerformanceReporter() { } public static NetworkPerformanceReporter Create() { var networkPerformancePresenter = new NetworkPerformanceReporter(); networkPerformancePresenter.Initialise(); return networkPerformancePresenter; } private void Initialise() { // Note that the ETW class blocks processing messages, so should be run on a different thread if you want the application to remain responsive. Task.Run(() => StartEtwSession()); } private void StartEtwSession() { try { var processId = Process.GetCurrentProcess().Id; ResetCounters(); using (m_EtwSession = new TraceEventSession("MyKernelAndClrEventsSession")) { m_EtwSession.EnableKernelProvider(KernelTraceEventParser.Keywords.NetworkTCPIP); m_EtwSession.Source.Kernel.TcpIpRecv += data => { if (data.ProcessID == processId) { lock (m_Counters) { m_Counters.Received += data.size; } } }; m_EtwSession.Source.Kernel.TcpIpSend += data => { if (data.ProcessID == processId) { lock (m_Counters) { m_Counters.Sent += data.size; } } }; m_EtwSession.Source.Process(); } } catch { ResetCounters(); // Stop reporting figures // Probably should log the exception } } public NetworkPerformanceData GetNetworkPerformanceData() { var timeDifferenceInSeconds = (DateTime.Now - m_EtwStartTime).TotalSeconds; NetworkPerformanceData networkData; lock (m_Counters) { networkData = new NetworkPerformanceData { BytesReceived = Convert.ToInt64(m_Counters.Received / timeDifferenceInSeconds), BytesSent = Convert.ToInt64(m_Counters.Sent / timeDifferenceInSeconds) }; } // Reset the counters to get a fresh reading for next time this is called. ResetCounters(); return networkData; } private void ResetCounters() { lock (m_Counters) { m_Counters.Sent = 0; m_Counters.Received = 0; } m_EtwStartTime = DateTime.Now; } public void Dispose() { m_EtwSession?.Dispose(); } } public sealed class NetworkPerformanceData { public long BytesReceived { get; set; } public long BytesSent { get; set; } } } 您可以使用PerformanceCounter 。 示例代码:
//Define string pn = "MyProcessName.exe"; var readOpSec = new PerformanceCounter("Process","IO Read Operations/sec", pn); var writeOpSec = new PerformanceCounter("Process","IO Write Operations/sec", pn); var dataOpSec = new PerformanceCounter("Process","IO Data Operations/sec", pn); var readBytesSec = new PerformanceCounter("Process","IO Read Bytes/sec", pn); var writeByteSec = new PerformanceCounter("Process","IO Write Bytes/sec", pn); var dataBytesSec = new PerformanceCounter("Process","IO Data Bytes/sec", pn); var counters = new List { readOpSec, writeOpSec, dataOpSec, readBytesSec, writeByteSec, dataBytesSec }; // get current value foreach (PerformanceCounter counter in counters) { float rawValue = counter.NextValue(); // display the value }
这是为了获得网卡的性能计数器。 请注意,它不是特定于流程的
string cn = "get connection string from WMI"; var networkBytesSent = new PerformanceCounter("Network Interface", "Bytes Sent/sec", cn); var networkBytesReceived = new PerformanceCounter("Network Interface", "Bytes Received/sec", cn); var networkBytesTotal = new PerformanceCounter("Network Interface", "Bytes Total/sec", cn); Counters.Add(networkBytesSent); Counters.Add(networkBytesReceived); Counters.Add(networkBytesTotal);