windows下如何监控进程网络使用情况 [英] How to monitor process network usage under windows
问题描述
我正在寻找一种方法来获取信息列表,就像 windows 下的资源监视器所做的那样,例如:我想知道所选应用程序的地址以及发送和接收使用情况.
一开始我正在寻找一个 c++ win32 api 或其他开源库来执行此操作,我可以找到类似 GetProcessInformation 但它不包含网络信息.
我看到了一些类似的主题,但它们没有帮助.
Ref_001,看来网络监视器api不能做应用程序特定的监视器.
Ref_002,我不确定 OpenTrace/ProcessTrace/StopTrace 可以让我了解网络使用情况,我也不知道如何使用它.
Ref_003,他们建议使用一些工具,但不是什么我要.
I am looking for a way to get the list of information as the Resource Monitor under windows did, such as:
I want to know the address and the among of send and receive usage of an selected application.
At the beginning I am looking for a c++ win32 api or other open source library to do this, I can find something like GetProcessInformation but it does not include network information.
I saw some similar topics but they didn't help.
Ref_001, It seems the network monitor api cannot do application specific monitor.
Ref_002, I am not sure if OpenTrace/ProcessTrace/StopTrace can get me the network usage or not and also I am not sure how to use it.
Ref_003, They are suggesting some tools but it is not what I want.
推荐答案
Windows 为您提供来自不同功能的两部分信息,您需要将这些信息放在一起以获得完整的故事.嗯,从技术上讲,它是三个函数:对于数据的第二部分,IPv4 和 IPv6 数据有单独的函数.
Windows supplies you with this information in two parts from different functions that you'll need to put together to get the full story. Well, technically, it's three functions: for the second part of the data, there are separate functions for IPv4 and IPv6 data.
第一个函数是 GetExtendedTcpTable.要获得上述所有信息,您可能需要(至少)调用两次:一次使用 TCP_TABLE_OWNER_PID_CONNECTIONS 标志,一次使用 TCP_TABLE_OWNER_MODULE_CONNECTIONS 标志来检索两者本地可执行文件的 PID 和模块名称.
The first function is GetExtendedTcpTable. To get all the information above, you'll probably need to call this (at least) twice: once with the TCP_TABLE_OWNER_PID_CONNECTIONS flag, and once with the TCP_TABLE_OWNER_MODULE_CONNECTIONS flag to retrieve both the PID and the module name of the local executable.
第二对为您提供有关特定连接上发送/接收数据的统计信息.每个连接由本地地址/端口和远程地址端口的组合标识(与上面使用的相同).您使用 IPv4 或 GetPerTcpConnectionEStats 检索信息href="https://msdn.microsoft.com/en-us/library/windows/desktop/bb485735.aspx" rel="noreferrer">GetPerTcp6ConnectionEStats 适用于 IPv6.
The second pair gets you statistics about the data sent/received on a particular connection. Each connection is identified by a combination of local address/port and remote address port (same as used above). You retrieve the information with GetPerTcpConnectionEStats for IPv4 or GetPerTcp6ConnectionEStats for IPv6.
其中任何一个都将检索一个表,表中的每一行都包含一个连接的统计信息.如果您(例如)在浏览器中打开了多个选项卡,可以选择单独显示每个连接的数据,或者您可以根据需要合并它们.
Either of these will retrieve a table, with each row in the table containing statistics for one connection. If you have (for example) multiple tabs open in your browser, could choose to show the data for each connection individually, or you could amalgamate them as you saw fit.
这篇关于windows下如何监控进程网络使用情况的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
