This is an archived copy of the Xen.org mailing list, which we have preserved to ensure that existing links to archives are not broken. The live archive, which contains the latest emails, can be found at http://lists.xen.org/
Home Products Support Community News


Re: [Xen-devel] Logging Access to HDD

To: Laszlo Ersek <lersek@xxxxxxxxxx>
Subject: Re: [Xen-devel] Logging Access to HDD
From: Michal Novotny <minovotn@xxxxxxxxxx>
Date: Tue, 19 Apr 2011 12:22:49 +0200
Cc: xen-devel@xxxxxxxxxxxxxxxxxxx, Sebastian Biedermann <biedermann@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx>
Delivery-date: Tue, 19 Apr 2011 03:23:28 -0700
Envelope-to: www-data@xxxxxxxxxxxxxxxxxxx
In-reply-to: <4DAD6175.1090905@xxxxxxxxxx>
List-help: <mailto:xen-devel-request@lists.xensource.com?subject=help>
List-id: Xen developer discussion <xen-devel.lists.xensource.com>
List-post: <mailto:xen-devel@lists.xensource.com>
List-subscribe: <http://lists.xensource.com/mailman/listinfo/xen-devel>, <mailto:xen-devel-request@lists.xensource.com?subject=subscribe>
List-unsubscribe: <http://lists.xensource.com/mailman/listinfo/xen-devel>, <mailto:xen-devel-request@lists.xensource.com?subject=unsubscribe>
References: <4DAD5296.70204@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx> <AEC6C66638C05B468B556EA548C1A77D01CC8B2B@trantor> <4DAD5968.1030408@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx> <4DAD6175.1090905@xxxxxxxxxx>
Sender: xen-devel-bounces@xxxxxxxxxxxxxxxxxxx
User-agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv: Gecko/20101103 Fedora/1.0-0.33.b2pre.fc14 Lightning/1.0b2 Thunderbird/3.1.6
On 04/19/2011 12:18 PM, Laszlo Ersek wrote:
> On 04/19/11 11:44, Sebastian Biedermann wrote:
>>>> For now, I want to log the disk accesses of a running windows 7 domU
>>>> instance.
>> I dont need to log every single byte, it would be enough to know which
>> file is accessed by the domU inside its image.
> Perhaps try Filemon from Sysinternals ^W^W^W Process Monitor:
> http://technet.microsoft.com/en-us/sysinternals/bb896645
Laszlo, those tools are basically using the API I mentioned above - the
FindFirstChange() or similar API I already mentioned. If Sebastian wants
it to be done for one-time or user-assisted monitoring then it's fine to
use those Sysinternals utilities however if his intention is to create
an application to be monitoring it "on-the-fly" then writing his own app
is better.


Michal Novotny <minovotn@xxxxxxxxxx>, RHCE
Virtualization Team (xen userspace), Red Hat

Xen-devel mailing list

<Prev in Thread] Current Thread [Next in Thread>