How to obtain the Java Process ID (PID) for named DLP service sub-processes on Windows
search cancel

How to obtain the Java Process ID (PID) for named DLP service sub-processes on Windows

book

Article ID: 271225

calendar_today

Updated On:

Products

Data Loss Prevention

Issue/Introduction

For troubleshooting or memory dump capture, there is a need to identify which java.exe process is associated with a given DLP service, for example, Aggregator or DLP Detection Server Service.

Environment

Release : 16.0

Cause

It was previously possible before DLP 16.0 to show the "command line" output in Task Manager Details and correlate a java process, but in DLP 16.0 this field contains more information than can be displayed in the description field.

Resolution

Using Powershell on a Windows system, this information can be garnered with the following query:

Get-CimInstance Win32_Process -Filter "name = 'java.exe'" | Select-Object ProcessId, Name, @{label='Service';expression={$_.CommandLine.Substring($_.CommandLine.LastIndexof('com.vontu'))}}, WorkingSetSize, UserModeTime, PageFaults, PageFileUsage, HandleCount  | Out-GridView

Example output:

Using the above example, an Endpoint servers Aggregator process would be PID 15,328.  This detail could be used for memory dump capture or performance monitoring, among other uses.

Powered by Wolken Software