Progress indication for scripts on Windows

Published: 2018-07-03
Last Updated: 2018-07-03 16:45:26 UTC
by Didier Stevens (Version: 1)
5 comment(s)

I regularly have long-running scripts or programs on Windows that crunch through log files.

Often, the disadvantage with these programs, especially home-brew scripts, is that you have no idea how much progress they have made, or when they will finish.

I use a simple trick to get an idea: I use Microsoft Sysinternals' Process Explorer to check how much bytes have been read/written by a process.

First I select the appropriate columns for the main view:

And then I can get an idea of the progress of each process:

Do you know a better/different trick? Or for another OS? Please post a comment.

In my next diary entry, I'll give an example for dd.

Didier Stevens
Senior Handler
Microsoft MVP

5 comment(s)


One of my pet peeves are important cron jobs that use email for notifications. Inevitably, they either email someone no longer around or they send "All is well" emails... so many that every recipient filters them to a separate folder and then nobody sees the "all is NOT well" email notifications. I spent several months tracking down a bunch of these and changing them to use send_nsca to notify a nagios notification to a passive service. That way nagios would quietly log all the "all is well" statuses and only send notifications for the all is not well sort of states.

But there's no reason you couldn't have a script send a bunch of different notifications stating how far along it was in it's execution. If the script ever exited with an error, if you catch error conditions properly, you could even report that to nagios and have nagios send you an email or a text or whatever on error conditions but just quietly log the state of progress as the script ran.
The only downside of using Process Explorer for that, is that the counter starts at the point you start Process Explorer. If your job has been running 10 minutes, you've no idea how far into it you are.

If you trace it with Process Monitor instead (set a Path filter to the name of the log file, and tell it to drop filtered events), then it will actually tell you the byte offset it is currently reading into the file at. You'll be able to work out exactly how far through it is at that point.

On Solaris, if memory serves, iosnoop does similar
If it's a Powershell script that you watch in a window, you can use the Write-Progress commandlet to display a progress bar (either text or graphical) The script has to drive it by whatever metrics make sense (and it can measure)
What version of PE & OS are you referring to lansalot?

It's not a problem with recent versions of PE.
In Windows I use a script with WMI Process to get the bytes read and written by wbengine (backup) and 7z this gets logged along with the start times of the processes (also from WMI Process) which gives eta etc.

Diary Archives