There are different ways to collect procudmp depending upon scenario.
In case the system is freezed and you want to collect dump of a specific process, for example explorer.exe:
- Download Procdump first only from below link
- https://learn.microsoft.com/en-us/sysinternals/downloads/procdump
- Extract it to C:\Temp before the issue repro.
- When the issue occurs, follow the below steps to trigger dump of Explorer process
- Send Ctrl+AltDel and click on Task manager
- In Task manager > File > Run new task > CMD (Check run as admin) > Navigate to C:\temp using CD C:\temp
- Type below command and enter. Right-click on Task bar and enter.
- Procdump.exe -ma -s 3 -n 5 Explorer.exe
- It will generate complete dump of explorer exe
______________________
- Run the procdump (Download from: https://docs.microsoft.com/en-gb/sysinternals/downloads/procdump) with following parameter. Make sure you run it
from the directory where you have copied the procdump.exe and also open
the command prompt as an “Administrator”
- command will look like following:
procdump –ma <PID of worker
process(w3wp.exe)> -C 60 -s 5 -n 3
- c is CPU usage (in this case 60%)
- s is the time it stays high (in this example 5 seconds)
- n is number of dumps (in this example 3)
Therefore, this command simply means If CPU consumption is 60% (or more) for 5 seconds (or more), then capture 3 Full user dumps
- The dump file will be created in the same location as
procdump.exe
No comments:
Post a Comment