![]() However, if you know in advanced of a long-running trace that you will never need to see events for, you can keep them from talking space in the log by choosing Drop Filtered Events option in the filter menu. That way, you always have the option to set a filter, explore the resulting output and then change the filter to see a different set of output. Ordinarily, Procmon will log all system activity, including events that are normally never displayed because of the active filters. In this use case you know what kind of events you are looking for, so you won’t have any problem to set the filters however, what if you need to find out what processes are doing registry operations that modify settings and you have no idea how long it could take? That’s where Drop filtered events comes to rescue. This makes very difficult to find the events you are interested in and, like I said before, the log file can become very large in size. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |