Solved Batch Script typeperf.exe MONITOR CPU PROCESS

Netgear / Dg834g
October 4, 2014 at 22:17:00
Specs: Windows XP, HexaCore AMD FX-6100, 1400 MHz (7 x 200) / 4gb DDR
MONITOR CPU PROCESS, Have been using some third party software to monitor the total overall process on my CPU this is handy but unfortunately other Anti virus software keeps flagging it as malicious software, I really want to use a script that can do this for me that will avoid these problems, I found this pice of code online from http://stackoverflow.com/questions/... according to the user who requested help it works for him but I am getting an error message can anyone here tell me what's wrong ?

Here is my modified code below, all I have changed is adding the SET Variable to simplify setting an PROGRAMNAME.EXE to monitor.

@echo on
setlocal enabledelayedexpansion
:: --------------- debug -----------------
:selftst
echo ERROR TEST LOG FLAG
IF NOT %1!==/go! %0 /go 1>%~n0.log 2>&1
SHIFT

ECHO %1 %2 %3 %4 %5
:: ---------------------------------------
set xyz=PROGRAMNAME.exe

:check


for /f "skip=2 tokens=2 delims=," %%c in ('typeperf "\Process(%xyz%)\%% Processor Time" -sc 1') do (
set cpu_usage=%%~c
goto :break
)

:break


echo %cpu_usage%
set cpu_usage=%cpu_usage:.=%

:: 1 is set in the front to avoid octal comparison
if 1%cpu_usage% LSS 11000000 (
goto :check_process
) else (
goto :check
)
:: sleep for 1 second
pathping 127.0.0.1 -n -q 1 -p 1000 >nul 2>&1
:check_process


QPROCESS * | find /i "%xyz%" >nul 2>&1 && (
echo process %xyz% is running
) || (
echo process %xyz% is not running
)


endlocal

Below is the DUMP of the entire script.

OUTPUT


D:\MERGE>setlocal enabledelayedexpansion

D:\MERGE>echo ERROR TEST LOG FLAG
ERROR TEST LOG FLAG

D:\MERGE>IF NOT /go! == /go! "D:\MERGE\cpumon1.bat" /go 1>cpumon1.log 2>&1

D:\MERGE>SHIFT

D:\MERGE>ECHO
ECHO is on.

D:\MERGE>set xyz=PROGRAMNAME.exe

D:\MERGE>for /F "skip=2 tokens=2 delims=," %c in ('typeperf "\Process(PROGRAMNAME.exe)\% Processor Time" -sc 1') do (
set cpu_usage=%~c
goto :break
)

D:\MERGE>echo
ECHO is on.

D:\MERGE>set cpu_usage=.=
= was unexpected at this time.
D:\MERGE>if 1.= LSS 11000000 (

If Dreams Come True Oleg Would be Famous so far he's very shy, so much for Being Famous ;) http://www.book-stores.com/angels-

message edited by Ortorea


See More: Batch Script typeperf.exe MONITOR CPU PROCESS

Report •

✔ Best Answer
October 5, 2014 at 21:16:04
You don't have XP home, do you? I think that's the one main version of Windows without WMIC.

How To Ask Questions The Smart Way



#1
October 5, 2014 at 01:13:49
I just found out that it needs these switches but now the batch window is blank ?

typeperf -cf "\Process(%xyz%)\%% Processor Time" -sc 1') do (

Still need a solution though :(

I am thinking the version of typeperf.exe I downloaded is an older version I am using Windows XP and searched high and low and can't seem to find the one being used in windows 7 anywhere can anyone help ?

Michelle

If Dreams Come True Oleg Would be Famous so far he's very shy, so much for Being Famous ;) http://www.book-stores.com/angels-

message edited by Ortorea


Report •

#2
October 5, 2014 at 09:05:12
the -cf switch is for a file containing a list of performance counters. Its usage would be incorrect here. I assume you're not getting any performance metrics because you're using 'process.exe', instead of just 'process'.

typeperf is bundled with the Windows SDK, I believe. I have it on my boxes, but all of my boxes have developer tools installed. The more compatible way would be through WMI. That injects compatibility concerns with XP, but that OS is no longer supported, so why worry.

set proc=cmd
for /f "tokens=2 delims==" %%a in ('wmic path Win32_PerfFormattedData_PerfProc_Process where "Name='%proc%'" get PercentProcessorTime /value') do set procTime=%%a
@set procTime
pause

How To Ask Questions The Smart Way

message edited by Razor2.3


Report •

#3
October 5, 2014 at 09:59:11
Thanks Razor I am dying to try this out but must dash out to help a friend before the sun goes down, will try this as soon as I get back, I am not really looking for anything too complex I simply want to run a sniffer in my batch files to makes sure certain programs are idle or not running before my batch script shuts down the server, for example it would be bad to shutdown the server in the middle of a scheduled anti virus scan or in the middle of a task that could cause data loss.

Thanks Michelle

If Dreams Come True Oleg Would be Famous so far he's very shy, so much for Being Famous ;) http://www.book-stores.com/angels-

message edited by Ortorea


Report •

Related Solutions

#4
October 5, 2014 at 16:37:03
Hi Razor, Just ran a quick test on the code you gave me just as is, got this error dump below.


D:\MERGE>echo ERROR TEST LOG FLAG
ERROR TEST LOG FLAG

D:\MERGE>IF NOT /go! == /go! "D:\MERGE\#cpu-process.bat" /go 1>#cpu-process.log 2>&1

D:\MERGE>SHIFT

D:\MERGE>ECHO
ECHO is on.

D:\MERGE>C:

C:\>set proc=cmd

C:\>for /F "tokens=2 delims==" %a in ('wmic path Win32_PerfFormattedData_PerfProc_Process where "Name='cmd'" get PercentProcessorTime /value') do set procTime=%a
'wmic' is not recognized as an internal or external command,
operable program or batch file.
Environment variable procTime not defined

C:\>echo.


C:\>echo.


C:\>echo procTime
procTime

C:\>echo.


C:\>echo.


C:\>pause
Press any key to continue . . .

C:\>endlocal


Hmmm I guess I must be missing a few things or a path or something ? I also searched for other alternatives I did find another tool called logman.exe I substituted it to try in place of typeperf as some of the code looked similar but that baffles me completely as it seems to complex for what I want it to do, which is basically to monitor several processes at various times taking snapshots over 60 second periods to make sure the processes are idle before going onto another task not really wanting to log all the data but to trigger some IDLE flag if processes below 20% etc.

Anyway it's been a long day as I spent 6 hours looking for this typeperf.exe only to later discover it was primarily for windows 7 as the old win2k version is wholly inadequate as it lacks functionality in my efforts to apply some standard command switches it turns out the old version does not support them :( version 4.0

time for sleep will check back tomorrow thanks Razor for trying with this code you gave me, I am on XP HOME SP3 btw have a lot of sysinternals tools maybe one of those can do what I want ?

Michelle

If Dreams Come True Oleg Would be Famous so far he's very shy, so much for Being Famous ;) http://www.book-stores.com/angels-

message edited by Ortorea


Report •

#5
October 5, 2014 at 21:16:04
✔ Best Answer
You don't have XP home, do you? I think that's the one main version of Windows without WMIC.

How To Ask Questions The Smart Way


Report •

#6
October 6, 2014 at 02:53:32
Yes XP HOME Reason being is I never buy Microsoft software usually wait until someone donates and old computer to me with a sticker on the side its just pot luck lol that |I have xp home ;)

Maybe could get the fatman to sing is the way I feel at the moment I mean feel like wurzel gummage not got my thinking head on, guess its back to the drawing board

Michelle

If Dreams Come True Oleg Would be Famous so far he's very shy, so much for Being Famous ;) http://www.book-stores.com/angels-

message edited by Ortorea


Report •

#7
October 6, 2014 at 04:21:19
I found this just studying it

http://social.technet.microsoft.com...

And some counters but seems cumbersome
http://ss64.com/nt/syntax-performan...


AHHH I just found this it looks like the sort of thing I want just needs some minor adjustments to monitor only the processes I want I think less cluttered by the looks of it.

http://stackoverflow.com/questions/...
Michelle

If Dreams Come True Oleg Would be Famous so far he's very shy, so much for Being Famous ;) http://www.book-stores.com/angels-

message edited by Ortorea


Report •

#8
October 6, 2014 at 05:15:39
You could also use VBScript. It has native WMI support.
Const procName = "explorer"
Set proc = GetObject("winmgmts:Win32_PerfFormattedData_PerfProc_Process.Name='" & _
           procName & "'")
WScript.Echo proc.PercentProcessorTime

How To Ask Questions The Smart Way


Report •

#9
October 6, 2014 at 06:20:43
Hi Razor2.3 :o)

Don't have many vbs scripts generally you seem very sharp on the mark today ;) pardon the pun if it can easily be integrated with my batch files it might do the trick ! I really have very little knowledge on them, would it be able to monitor network on active LAN activity as well ? Because I need to monitor 2 primary things network and cpu on the local machine the script runs on to set IDLE flags so my other batch file can make a decision based on the following criteria %time% of day, %CPU idle and %network% idle when conditions are true then it is presumed my server can do a safe reboot without cutting anyone off voice chat servers as they use both bw and cpu more when active.


Michelle

P.S. Just tried running that script a window pops up after running it but always says 0

If Dreams Come True Oleg Would be Famous so far he's very shy, so much for Being Famous ;) http://www.book-stores.com/angels-

message edited by Ortorea


Report •

#10
October 6, 2014 at 07:50:50
Yeah, I'm pulling up the %% Processor TIme for the Explorer shell. It doesn't do much, CPU wise. I'd be surprised if it ever hit 1%, unless you have a misbehaving third party shell extension.

As for the real issue, I'd look into the voice chat software's network activity. Is a TCP connection established only when the clients are actively using the service? If so, get the PID of the voice chat server, and then just do a NETSTAT -O | FINDSTR "ESTABLISHED" | FINDSTR "<pid>$". If you get anything returned, you have an active connection. If not, you can reboot.

As for communicating with batch, Change "WScript.Echo" to "WScript.StdOut.WriteLine". In your batch, call the script with "cscript //nologo <scriptNameHere>.vbs". Then you treat the output as you would any other command.

How To Ask Questions The Smart Way


Report •

#11
October 6, 2014 at 08:07:07
It is actually a TEAMSPEAK3 Server I am monitoring in part tried it in a cmd window but nothing happened

Michelle

If Dreams Come True Oleg Would be Famous so far he's very shy, so much for Being Famous ;) http://www.book-stores.com/angels-


Report •

#12
October 6, 2014 at 13:09:39
Razor this just don't seem to be working for me, so far not seen any real output from anything tried here it is confusing swapping from one code to another just need something fairly simple that’s pretty much plug and play.

Michelle

If Dreams Come True Oleg Would be Famous so far he's very shy, so much for Being Famous ;) http://www.book-stores.com/angels-


Report •

#13
October 6, 2014 at 14:48:48
If you don't like the option, don't use it. I've already said what was wrong with the original code. Don't use "process.exe", just use "process", and don't use the -cf switch.

How To Ask Questions The Smart Way


Report •

#14
October 6, 2014 at 17:06:35
ahhh ok thanks will try some more tomorrow think I got an eye infection like needles in my eye making it hard to concentrate and read too thanks Razor :)

Michelle

If Dreams Come True Oleg Would be Famous so far he's very shy, so much for Being Famous ;) http://www.book-stores.com/angels-


Report •

#15
October 7, 2014 at 16:35:05
I am in fact trying to get this to work on my main 6 core CPU machine it maybe this that is the reason it is not working, ultimately it will be used ona server with a single core or my backup server that is dual core.

I just got a message asking me to select best answer but its not resolved yet.

Michelle

If Dreams Come True Oleg Would be Famous so far he's very shy, so much for Being Famous ;) http://www.book-stores.com/angels-

message edited by Ortorea


Report •

#16
October 7, 2014 at 16:42:34
I am currently testing with this to try and get this working !


@echo on
setlocal enabledelayedexpansion
if not exist c:\perflogs md c:\perflogs
if exist debug goto cont

:: --------------- debug -----------------
:selftst
> debug echo 1
@echo on
echo ERROR TEST LOG FLAG
IF NOT %1!==/go! %0 /go 1>%~n0.log 2>&1
SHIFT

ECHO %1 %2 %3 %4 %5
goto nobug
:: ---------------------------------------
:cont
if exist debug del debug
:nobug
set xyz=ts3client_win32

:check
for /f "skip=2 tokens=2 delims=," %%c in ('logman create counter cpu_memo_trh -c "\Processor(_Total)\%% Processor Time" "\Memory\Pool Paged Bytes" "\Process(%xyz%)\Thread Count"') do (
logman update cpu_memo_trh -si 60
set cpu_usage=%%c
echo %%c
logman start cpu_memo_trh
goto :break

)

:break
echo "%%c"
echo %cpu_usage%
set cpu_usage=%cpu_usage%
if exist sleep.com sleep 3
cls


:: 1 is set in the front to avoid octal comparison
if 1%cpu_usage% LSS 11000000. (
goto :check_process
) else (
goto :check
)
:: sleep for 1 second
pathping 127.0.0.1 -n -q 1 -p 1000 >nul 2>&1
:check_process


QPROCESS * | find /i "%xyz%" >nul 2>&1 && (
echo process %xyz% is running
) || (
echo process %xyz% is not running
)


if exist cpumon2.log notepad cpumon2.log
sleep 4
cls
if exist cpumon2.log del cpumon2.log
endlocal

If Dreams Come True Oleg Would be Famous so far he's very shy, so much for Being Famous ;) http://www.book-stores.com/angels-


Report •

#17
October 9, 2014 at 16:14:36
HI :O

Jumping in kind of late-in-the-game, but I think TYPEPERF is more what you're aiming at (vs logman). LOGMAN logs to diskfile, at intervals, while TYPEPERF reports to stdout either specified no. of times, or at intervals indefinitely. For batch, to do a spot-check, you would want a single instance, like this:
set xyz=%1
:: note: NO .exe extension, as Razor pointed out
if not defined xyz set xyz=ts3client_win32
'TYPEPERF "PROCESS(%xyz%)\%%PROCESSOR TIME" -SC 1

But all I ever got was zeros, so you might want to re-think your approach. Use:
TYPEPERF /Q or TYPEPERF /QX
to get a list of all the options. You might decide that TCP or SERVER provide a more meaningful subset than PROCESS or PROCESSOR, or a different set of paramaters,
such as IO READ OPERATIONS/SEC. It's not a problem getting your thing to work,
(Just drop the above into a FOR, and collect the second comma-token)
it's whether that thing actually gives you something meaninful or useful. It may require some experimentation to get the best combination for a safe shutdown. Good Luck!

message edited by nbrane


Report •

#18
October 9, 2014 at 17:35:56
I don't think I ever used TeamSpeak. Most of the people I'd talk with used Ventrilo. That said, I'm pretty sure you can count the number of established ports TeamSpeak is using, and get a reliable count of users that way.

How To Ask Questions The Smart Way


Report •

#19
October 9, 2014 at 22:00:26
Thanks nbrane for coming in with some support here, In fact I was first trying TYPEPERF but it turned out that XP HoME DOES NOT HAVE IT, I searched everywhere online trying to find a copy, the only one I found was from a windows 2000 version and it did not support the switches /? that everyone was using the win 2000 version is very limited, I managed to get a copy off a windows Vista 32 bit operating system but got errors "This is not a valid win32 application" this is why I fell back onto LOGMAN as I posted earlier the version information on the TYPEPERF I found if you look at it and try running much of the code found in searches online and try to run that code on the 2k version of TYPEPERF it fails :(

But I don't want to get pegged on just teamspeak, I also run a Ventrilo server but it is rather old hat to me now its MONO and teamspeak has real stereo and many more features and better blocking of bad guys as it blocks users by machine mac rather than I.P. I.P. blocking is also inferior as people can easily cercumvent this with spoofing their I.P. or like here in the U.K. most users are assigned a new I.P. address anyway when they reset their router, most service providers do this here. I have hoped to get TYPEPERF working tried very hard to the point I almost felt like giving it up as a bad job, I agree LOGMAN is very cluttered and it meant for sustained monitoring over time.

I also run a FTP server so if we go down the road of monitoring network traffic then it needs to be able to monitor FTP aswell in that case.

My servers include the following:

TEAMSPEAK STANDARD
TEAMSPEAK 3
VENTRILO
FILEZILLA ftp

However I am at the point of thinking of dropping ventrilo for the reasons mentioned.

Also it is the server not the client we are monitoring
D:\Program Files\teamspeak3-server_win32a\ts3server_win32.exe

Michelle

P.S. I will make a short video using some TYPERF commands so you can see what I mean.

If Dreams Come True Oleg Would be Famous so far he's very shy, so much for Being Famous ;) http://www.book-stores.com/angels-

message edited by Ortorea


Report •

#20
October 9, 2014 at 22:34:49
Run NETSTAT -NO, and look for lines with ESTABLISHED; out of those look for the PID of those services. Each one should be an active user. How you get the PID from the name is an exercise left up to the reader.

How To Ask Questions The Smart Way


Report •

#21
October 9, 2014 at 22:51:11
OK Razor, I will have to do this later when some external users are connected to my server as it's 06:49 here at the moment so not very active I am the only one connected to my teamspeak 3 server right now but over LAN

C:\Documents and Settings\chelley>NETSTAT -NO

Active Connections

Proto Local Address Foreign Address State PID
TCP 127.0.0.1:1061 127.0.0.1:14147 ESTABLISHED 2100
TCP 127.0.0.1:14147 127.0.0.1:1061 ESTABLISHED 1624
TCP 192.168.2.10:139 192.168.2.26:2545 ESTABLISHED 4
TCP 192.168.2.10:1585 67.215.92.215:443 CLOSE_WAIT 668
TCP 192.168.2.10:1688 192.168.2.26:139 ESTABLISHED 4

And I don't think TS3 is being detected, I just ran the NETSTAT with me connected over LAN then I disconnected and ran it again their was no change in the list so, will need some external users some friends will be on later today to check against.

If Dreams Come True Oleg Would be Famous so far he's very shy, so much for Being Famous ;) http://www.book-stores.com/angels-

message edited by Ortorea


Report •

#22
October 11, 2014 at 03:15:31
Dear Razor, here is something rather ODD it seems that Teamspeak 3 server is working in a rather weird way, doing a netstat is not actually pulling up active connections on TS3 SERVER for some reason however I can see information on it in SYSINTERNALS "Process Explorer" which means it must be a HIDDEN process as the sysinternals can view hidden processes.

Meanwhile I got some code from nbrane to try out in a PM so will go down that road for now.

Michelle

If Dreams Come True Oleg Would be Famous so far he's very shy, so much for Being Famous ;) http://www.book-stores.com/angels-


Report •

#23
October 11, 2014 at 08:11:04
I made this short Video why I can't use TYPEPERF http://youtu.be/7lbahyYDmb0

Michelle

If Dreams Come True Oleg Would be Famous so far he's very shy, so much for Being Famous ;) http://www.book-stores.com/angels-


Report •

#24
October 18, 2014 at 08:27:58
Sorry for the long ABSENCE Just had a lot on my plate lately, A kind fellow was able to get me a copy of TYPERF for XP HOME I now have it working on my computer, seem to have gone full circle here so back to typerf and this is what I am playing with now, based on the original code I found online I have stuck some extra echo lines in there to see what is going on, this does work for me, at first I was a little confused about which called loops were in fact running which is why I put extra echo's in there.

I did not get very far with netstat as the TEAMSPEAK server seems to have a lot of hidden listening ports, also it uses very little cpu anyway, most of the processing work is done on the client side, so monitoring cpu level does not really gain much, I decided that it is best to just monitor the TOTAL incoming and outgoing bandwidth of the network as that covers ALL including my FTP server, and TEAMSPEAK server and makes things much easier than monitoring APP by APP scenario.

Anyway back to what I am playing around with at the moment regarding CPU usage, mostly to see if the server is running any busy apps, however when running this script I noticed when I pushed my PTT button on teamspeak (Push To Talk) the cpu usage hardly changed at all so using this to monitor user activity is pointless, but its a useful test however.

UPDATED: 19 October (Cleaned up TEST CODE a little)

@echo off
setlocal enabledelayedexpansion
if exist sleep.com (set wait=sleep) else (set wait=:: )
if not exist sleep.com (set stop=pause) else (set stop=:: )
set xyz=explorer

:check
for /f "skip=2 tokens=2 delims=," %%c in ('typeperf "\Process(%%xyz%%)\%% Processor Time" -sc 3') do (
set cpu_usage=%%~c
goto :break


)
:break
echo %cpu_usage%
set cpu_usage=%cpu_usage:.=%
%wait% 3
cls

:: 1 is set in the front to avoid octal comparison
echo %xyz% cpu_usage = 1%cpu_usage%
if 1%cpu_usage% LSS 111.625000 (
echo Going to check_process
echo.
goto :check_process

) else (

echo Going to check
echo process %xyz% is ACTIVE
echo.
goto :check

)
:: sleep for 1 second
pathping 127.0.0.1 -n -q 1 -p 1000 >nul 2>&1


:check_process
QPROCESS * | find /i %xyz% >nul 2>&1 (

%wait% 5
cls
:: goto done

) || (
echo process %xyz% is IDLE

%wait% 3
cls
:done
%stop%
endlocal

If Dreams Come True Oleg Would be Famous so far he's very shy, so much for Being Famous ;) http://www.book-stores.com/angels-

message edited by Ortorea


Report •

#25
October 19, 2014 at 16:17:35
I think we can call this thread solved for now, as I got the main typeperf thing to work I will just open a new question to start fresh when dealing with network stuff helps avoid to much clutter.

Thank you Razor 2.3 && nbrane for help on this thread.

Michelle

If Dreams Come True Oleg Would be Famous so far he's very shy, so much for Being Famous ;) http://www.book-stores.com/angels-


Report •

Ask Question