KBEA-00090 - Monitoring agent side file operations on Windows

Article ID:360032826752
1 minute readKnowledge base

Summary

Procmon may not work or it may cause an unexpected slowdown. Use electrifymon to log agent-side file operations; it is lightweight.

Solution

An instance occurred where procmon always disappeared after a short period of time. Even when procmon worked, it slowed down the agent machine considerably and resulted in a large amount of data. You can use electrifymon to inject a dll into the agent and its child process to log the file operations.

To activate it, add a registry string value under key:

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ElectricAgent\Parameters,

name: prefix value: c:\ECloud\i686_win32\bin\electrifymon.exe --electrify-log=c:\electrify.log --electrify-localfile=y

On 64-bit Windows, it is c:\ECloud\i686_win32\64\bin\electrifymon.exe.

Then c:\electrify.log will contain the file operations, file name, and the process command line that did the operations.

Applies to

  • Product versions: 5.4.2 and later

  • OS versions: Windows


.

This article is part of our Knowledge Base and is provided for guidance-based purposes only. The solutions or workarounds described here are not officially supported by CloudBees and may not be applicable in all environments. Use at your own discretion, and test changes in a safe environment before applying them to production systems.