TechQA.

Procmon command line does not save filtered output

2.8k views Asked by At

I am using procmon command line.

procmon.exe /Quiet /Minimized /Openlog C:\Python27\code2\logs.pml /LoadConfig C:\Python27\code2\pmc.pmc /SaveAs C:\Python27\code2\output.csv

After running the above command, the procmon UI shows filtered events but the saved file - output.csv contains all the events.

Is there an option to save the filtered output via cmd? If not, is there a way to copy the output to cmd?

windows procmon process-monitor
Original Q&A
1

There are 1 answers

0
tryingToLearn On BEST ANSWER

I figured it out. I was missing the /SaveApplyFilter option. It's strange I did not find a quick reference on forums either. So adding 

/SaveApplyFilter /SaveAs C:\code2\testing2.csv

achieved the desired result.

Also, since I was using existing log file, there is no need to use "Drop Filtered Events" while saving the configuration file.

In case you are capturing logs and want to save them with filters applied, you could enable "Drop Filtered Events" to capture only the required events.

Related Questions in WINDOWS

Related Questions in PROCMON

Related Questions in PROCESS-MONITOR

Popular Questions

Popular Tags

javascript python java c# php android html jquery c++ css ios sql mysql r reactjs node.js arrays c asp.net json python-3.x ruby-on-rails .net sql-server swift django angular objective-c pandas excel

Trending Questions