SkillAgentSearch skills...

ProcessMonitoring

Library to monitor process starts and stops on Windows powered by C#

GenerateConvertImprove

Install / Use

/learn @LegendaryB/ProcessMonitoring
About this skill

Quality Score

0/100

Category

Operations

Supported Platforms

Universal

README

<div align="center">

forthebadge forthebadge

GitHub license

Library to monitor process start/stop on Windows powered by C#.

</div><br>

🎯 Features

  • Process start/stop monitoring via ETW - requires administrator privileges.
  • Process start/stop monitoring via WMI - requires administrator privileges.

📝 Usage

Retrieve a IProcessMonitor instance from the static ProcessMonitorFactory

// Possible monitor strategies are: ETW (Event Tracing Windows) and WMI (Windows Management Instrumentation)
var monitor = ProcessMonitorFactory.Create(ProcessMonitoringStrategy.ETW);

// OR
monitor = ProcessMonitorFactory.CreateWMIProcessMonitor();

// OR
monitor = ProcessMonitorFactory.CreateETWProcessMonitor();

Listening for the ProcessStart event

monitor.OnProcessStart += OnProcessStart;
monitor.Start();

private static void OnProcessStart(object? sender, ProcessEventData data)
{
    Console.ForegroundColor = ConsoleColor.Green;

    Console.WriteLine(
        $"Process name: {data.ProcessName}\n" +
        $"Process id: {data.ProcessID}\n" +
        $"Parent process id: {data.ParentProcessID}\n" +
        $"Executable path: {data.ExecutablePath}\n" +
        "Properties (key, value):");

    foreach (var property in data.Properties)
        Console.WriteLine($"\t{property.Key}, {property.Value}");

    Console.WriteLine("===================================================================");

    Console.WriteLine();
}

Listening for the ProcessStop event

monitor.OnProcessStop += OnProcessStop;
monitor.Start();

private static void OnProcessStop(object? sender, ProcessEventData data)
{
    Console.ForegroundColor = ConsoleColor.Red;

    Console.WriteLine(
        $"Process name: {data.ProcessName}\n" +
        $"Process id: {data.ProcessID}\n" +
        $"Parent process id: {data.ParentProcessID}\n" +
        $"Executable path: {data.ExecutablePath}\n" +
        "Properties (key, value):");

    foreach (var property in data.Properties)
        Console.WriteLine($"\t{property.Key}, {property.Value}");

    Console.WriteLine("===================================================================");

    Console.WriteLine();
}

ProcessEventData

Depending on the choosen monitoring strategy the ProcessEventData.Properties dictionary may contain different data.

Related Skills

tmux

342.0k

Remote-control tmux sessions for interactive CLIs by sending keystrokes and scraping pane output.

blogwatcher

342.0k

Monitor blogs and RSS/Atom feeds for updates using the blogwatcher CLI.

product

Cloud-agnostic Kubernetes infrastructure with Terraform & Helm for homelabs, edge, and production clusters.

Unla

2.1k

🧩 MCP Gateway - A lightweight gateway service that instantly transforms existing MCP Servers and APIs into MCP servers with zero code changes. Features Docker deployment and management UI, requiring no infrastructure modifications.

LegendaryB

View profile

View on GitHub
GitHub Stars7
CategoryOperations
Updated6mo ago
Forks2
LegendaryB/ProcessMonitoring

Languages

C#

Security Score

82/100

Audited on Sep 11, 2025

No findings