Author: Rich

Just another IT guy.

List top processes using memory from Windows commandline

This seems to do the trick for listing processes by memory usage. I’m most interested in the top 9 processes (I have to figure out why the regexp isn’t working in findstr for anything over 10 in a range like [1-15].

tasklist /NH | sort /R /+65 | findstr /N . | findstr  "^[1-9]:"

Here’s an example output.

C:\Users\rjk>tasklist /NH | sort /R /+65 | findstr /N . | findstr  "^[1-9]:"
1:dwm.exe                       1640 Console                    1  4,232,012 K
2:OUTLOOK.EXE                  10600 Console                    1    590,128 K
3:explorer.exe                  3824 Console                    1    342,608 K
4:SearchHost.exe                7016 Console                    1    316,300 K
5:chrome.exe                    4340 Console                    1    279,036 K
6:PhoneExperienceHost.exe      13136 Console                    1    231,060 K
7:MsMpEng.exe                  12364 Services                   0    215,128 K
8:testEmbedNet9401.servUnde     1772 Console                    1    205,808 K
9:msedge.exe                   26452 Console                    1    189,468 K

This goes in line with some other work I’ve done in determining CPU usage using command line (wmic specifically) from the following articles:

Delete saved passwords for Chrome and Edge from the command line

After implementing a Group Policy to prohibit saving of passwords in Google Chrome and Microsoft Edge, the previously saved passwords are still on the system. To remove these from multiple systems, a simple script can be deployed via GPO at User Logon to do the work. Otherwise, on a case-by-case basis, the passwords can be cleared by going into each browser’s settings and then the passwords section to clear saved passwords.

@echo off

taskkill /f /im msedge.exe
taskkill /f /im chrome.exe

del "%LocalAppData%\Google\Chrome\User Data\Default\Login Data" /q
del "%LocalAppData%\microsoft\edge\User Data\Default\Login Data" /q

mmc – Windows cannot access the specified device, path, or file.

If you get the following error on a Windows Server (possibly desktop client), you can use the local group policy editor to resolve this. It commonly impacts Server 2019 systems promoted to a domain controller wherein the UAC admin approval mode is reset and does not contain a value (Enabled or Disabled).

Windows cannot access the specified device, path or file. You may not have the appropriate permissions to access the item.

Security Settings / Local Policies / Security Options / User Account Control: Admin Approval Mode for the Built-in Administrator account.

Website Performance Analysis and Graphing – Debian NodeJS + Puppeteer + Cacti

Looking to capture some performance metrics for website from the Linux command line and eventually get it into Cacti (RRD).

Here are my scattered notes on this process. I’m not very familiar with NodeJS stuff, so I’m documenting from installation of NodeJS on Debian 11 to creating the project.

Install NodeJS, Puppeteer and Chromium headless on Debian 11

Install NodeJS

curl -fsSL https://deb.nodesource.com/setup_14.x | sudo -E bash -
apt install -y nodejs

Create Project

mkdir test_project
cd test_project
npm init

Install NodeJS Puppeteer

npm i puppeteer --save

Install Debian dependencies for Chromium

See: https://github.com/puppeteer/puppeteer/blob/main/docs/troubleshooting.md#chrome-headless-doesnt-launch-on-unix

This is what I needed to grab:

apt install libatk-bridge2.0-0 libatk1.0-0 libxcb1 libxcomposite1 libxcursor1 libxdamage1 libxext6 libxrandr2 libxrender1 libgbm1 libxkbcommon-x11-0

Write the Application

This is basic idea copied and modified from something I found online on SO. It takes an argument, the website, passed.

Create index.js:

const puppeteer = require('puppeteer');

(async () => {
        const browser = await puppeteer.launch({
        ignoreDefaultArgs: ['--no-sandbox'],
});
        const page = await browser.newPage();

        const t1 = Date.now();
        await page.goto(process.argv[2], { waitUntil: 'networkidle0'});
        const diff1 = Date.now() - t1;

        await browser.close();
        console.log(`Time: ${diff1}ms`);
})();

To run it:

node app.js https://google.com

Example output:

Time: 1201ms

Integrate with Cacti

TODO

The basic idea is to be able to call the node app.js https://website/ and have it return a metric (milliseconds) that can be stored into an RRD and then graphed upon. Concern would be ensuring that the poller allows for script completion — I’m not sure what would happen if node can’t complete the job before the poller times out.

Other Methods

Some things I scoured from the internet.

Curl

curl -s -w 'Testing Website Response Time for :%{url_effective}\n\nLookup Time:\t\t%{time_namelookup}\nConnect Time:\t\t%{time_connect}\nAppCon Time:\t\t%{time_appconnect}\nRedirect Time:\t\t%{time_redirect}\nPre-transfer Time:\t%{time_pretransfer}\nStart-transfer Time:\t%{time_starttransfer}\n\nTotal Time:\t\t%{time_total}\n' -o /dev/null https://example.com/wp-json/wc/v3
Testing Website Response Time for :https://example.com/wp-json/wc/v3

Lookup Time:            0.004972
Connect Time:           0.053358
AppCon Time:            0.112053
Redirect Time:          0.000000
Pre-transfer Time:      0.112155
Start-transfer Time:    0.746088

Total Time:             0.851602

Cacti: Using Cacti to monitor web page loading

The AskAboutPHP.com has a PHP script to grab some info (not rendering, but at least some of the connection timings) and walks through how to integrate with Cacti for graphing. There are 3 parts:

Part 1: http://www.askaboutphp.com/2008/09/17/cacti-using-cacti-to-monitor-web-page-loading-part-1/

Part 2: http://www.askaboutphp.com/2008/09/19/cacti-using-cacti-to-monitor-web-page-loading-part-2/

Part 3: http://www.askaboutphp.com/2008/09/19/cacti-using-cacti-to-monitor-web-page-loading-part-3/

For modern systems, you’ll need to fix up the pageload-agent.php file to fix the line and remove deprecated and removed function eregi to match the following (line 10):

if (!preg_match('/^https?:\/\//', $url_argv, $matches)) {
                $url_argv = "https://$url_argv";
        }

Unable to negotiate with port 22: no matching key exchange method found.

Working with an older Cisco ASA, I was not able to directly SSH to the host using SSH on Windows unless I specified the diffie-hellman-group1-sha1 algorithm.

PuTTY gives the following warning:

For Windows, I can use the following command to SSH (as well as SCP).

ssh -oKexAlgorithms=+diffie-hellman-group1-sha1 user@host