Configuration | ||
Controllers | ||
Exceptions | ||
Models | ||
Services | ||
Utils | ||
.gitignore | ||
app.manifest | ||
appsettings.json | ||
install.bat | ||
LICENSE | ||
Program.cs | ||
README.md | ||
webmr-api.csproj | ||
webmr-api.sln |
Process Monitoring Service (WebmrAPI)
This project implements a Windows service designed for comprehensive monitoring of running processes, their memory regions, loaded modules, and threads. It exposes this detailed system information through a RESTful API, making it accessible for remote querying, integration with other systems, or advanced analysis.
Features
-
RESTful API: Provides endpoints to query various aspects of process information.
-
Comprehensive Process Details: Gathers in-depth data including:
-
Basic process information (PID, Name, File Path, Command Line).
-
Detailed Memory Regions (virtual addresses, sizes, protection flags, state, type).
-
Loaded Modules (DLLs) with their base addresses and sizes.
-
Process Threads including their IDs, priorities, and CPU usage.
-
-
Background Scanning & Caching: Periodically scans the system for processes and caches their basic information to reduce overhead on subsequent requests. Detailed information (memory regions, modules, threads) is loaded on demand and also cached with configurable timeouts.
-
CPU Usage Calculation: Dynamically calculates CPU utilization for processes and threads.
-
Pagination & Sorting: API endpoints support pagination (
limit
,offset
) and sorting by various process attributes (sortBy
,desc
). -
Process Name Search: Allows filtering the list of processes by name (partial, case-insensitive match).
-
Windows Service Deployment: Designed to run as a robust, automatically starting Windows Service.
-
Self-Contained Deployment: Published as a self-contained application, meaning it includes all necessary .NET runtime components and does not require .NET to be pre-installed on the target machine.
-
Swagger/OpenAPI: Provides an interactive API documentation interface for easy exploration and testing of endpoints.
How It Works
The Process Monitoring Service
is an ASP.NET Core application configured to run as an IHostedService
within a Windows Service context.
-
Data Collection: It leverages
System.Diagnostics.Process
and low-level Windows API calls (via P/Invoke) to gather detailed information about processes, memory regions, modules, and threads. -
Background Monitoring: The
ProcessMonitor
component periodically scans for running processes and updates a buffered cache. -
API Exposure: An ASP.NET Core Web API layer (
ProcessController
) provides HTTP endpoints to access the cached and on-demand collected data. -
Serialization: All data is serialized to JSON with snake_case naming and pretty-printing for readability.
-
Deployment: The application is published as a self-contained executable for
win-x64
, allowing it to be deployed without requiring a pre-installed .NET Runtime on the target Windows machine. Installation as a Windows Service is managed via a simple batch script (install.bat
) included in the deployment package.
Usage (API Endpoints Examples)
-
GET /api/v1/process
: Get a paginated, sorted, and searchable list of all processes.- Example:
/api/v1/process?pretty=true&sortBy=cpuusage&desc=true&limit=10&offset=0&search=chrome
- Example:
-
GET /api/v1/process/{pid}
: Get full details for a specific process. -
GET /api/v1/process/{pid}/base_info
: Get basic info for a specific process. -
GET /api/v1/process/{pid}/memory_regions
: Get memory regions for a process (with pagination/sorting). -
GET /api/v1/process/{pid}/modules
: Get loaded modules for a process (with pagination/sorting). -
GET /api/v1/process/{pid}/threads
: Get threads for a process (with pagination/sorting).
Deployment
Latest releases can be found here.