Process Data Collection
    • Dark
    • PDF

    Process Data Collection

    • Dark
    • PDF

    Article summary

    The ControlUp Agent gathers data for all Windows processes running on your managed Windows machines. However, data collection for system processes may not always be necessary. You can use the Process Data Collection feature to specify which system-level and user processes should not be collected by the ControlUp Agent.


    This feature applies only to Windows processes. It doesn't apply to Linux processes.

    Feature Overview

    • By default starting with version 8.8 Maintenance Release, all Windows system-level processes are excluded from being collected by the ControlUp Agent. This improves overall performance and usage, by avoiding collecting data on system processes that have no performance impact on your environment.
    • If, however, you want to include system-level processes and collect that data, you can include them in the Process Inclusion List.
    • You can also choose to not collect data on user processes (in addition to the system processes which by default are not collected) by adding them to the Process Exclusion List.
    • If you add a process to both the Process Inclusion and Exclusion Lists, the process data will not be collected.
    • You can define thresholds to exclude processes that don't match filter criterias.

    As a reminder, by default the ControlUp Agent collects data on the following processes:

    • All processes running in user sessions
    • All processes that cross performance thresholds
      Only system processes that NOT cross the performance thresholds are not monitored by default.


    • Reduces resource usage of the ControlUp Agents and Monitors, leading to better overall data collection and performance.
    • By excluding system and user processes that aren't relevant to your organization, you can reduce the amount of noise in the collected data.
    • You can expect 50%-70% process reduction, which can lead to more scalable ControlUp Monitor and faster web console performance.

    What Are System Processes?

    System-level processes are all processes that run under SessionID = 0

    Default Processes in the Inclusion List

    We have defined a set of processes that are always included by default, but are not listed in the Inclusion List. You can find the list here.


    • As this feature is an agent-based feature, you need to upgrade all ControlUp Agents to version 8.8 MR. Note that version 8.8 GA does not support this feature.

    How to Use Process Data Collection

    In the Real-Time DX console, go to Settings > Process Data Collection.

    Select the Restrict data collection to processes in the Inclusion List and user-attached processes checkbox to enable Process Data Reduction. If you don't select the checkbox, the agents will collect all data for all processes.

    Use the following sections in the Process Data Collection tab to configure data collection settings:

    Working with Thresholds (Advanced)

    You can set CPU, memory or storage thresholds to apply to all system processes that do not appear in the Inclusion and Exclusion Lists.

    A process that matches one of the following threshold criteria will be collected. If a process doesn't match any of the threshold criteria, it won't be collected.

    For example:

    • Avg. CPU is equal or higher than 1% OR
    • Avg. Working Set is equal or higher than 100 MB OR
    • Avg. IOPS is equal or higher than 10 IOPS.

    The metrics that serve as the basis for calculating the thresholds are displayed in the table below:

    Threshold MetricReal-Time MetricField in Process Table (Monitor In-RAM DB)
    MemoryMemory (Working Set)WorkingSetSize
    IO RateI/O Operations/secIOOperationsPerSec

    Note that the minimum values for all thresholds is 1. For example, you can't set CPU >= 0% as the UI will not allow you to save this setting.

    Zero Values

    If a process uses 0% CPU or 0 IOPS, then the filter will be ignored. As best practice, don't use such low threshold values for filtering processes.

    For example, let's consider the MsMpEng.exe process (Microsoft Windows Defender) that runs under the NT AUTHORITY\SYSTEM user. This process is a system process that automatically qualifies for threshold settings. On our two managed machines, the process consumes 0% CPU, 144/169 MB memory, and 0 IOPS:

    Change the memory threshold to 200 MB, the CPU value to "1", and the IOPS value to "10". Remember that "0" values are ignored in the filter criteria.

    In the real-time view, you can now see that the process isn't displayed anymore, as the memory filter criteria isn't met (144 and 169 MB is less than 200 MB).

    Enable/Disable Process Data Collection per Agent

    You can also enable or disable the Process Data Collection feature per agent by using the following registry settings:

    Registry Key: HKLM\SOFTWARE\Smart-X\ControlUp\Agent
    Relevant Value: ProcessReduction
    Data Type: REG_DWORD
    Possible Data Values: 0 (Disabled), 1 (Enabled)

    After Configuration

    You aren't required to restart agent machines after you change your Process Data Collection configuration.

    Process Data Collection in Web UI

    If you use our web UI, you can view the aggregated number of processes that you specifically select to monitor in the Monitored Processes column in the grid of the Machines view in the topology.

    Web UI reports with charts that list the names of the top resource consumers, such as Machine Trends, only display data collected from monitored processes that match all threshold criteria.

    Was this article helpful?