开发者

How (and how often) are the database entries updated in WMI?

开发者 https://www.devze.com 2023-02-18 08:42 出处:网络
We have a requirement to design a monitoring application for our Windows client machines and I\'m chasing up some information on the the WMI architecture. Our current plan is to use fairly simple VBSc

We have a requirement to design a monitoring application for our Windows client machines and I'm chasing up some information on the the WMI architecture. Our current plan is to use fairly simple VBScript scripts to periodically query the database, writing relevant information to flat files for later transfer to a central server (where all the heavy lifting of analysis and reporting already exists for our non-Windows machines.

I've tried looking for an answer to this question on MSDN and the net at large, but all the articles seem particularly "fluffy" - lots of "how to use it" but little on "how it works internally".

Take for example a VBScript segment like:

set wmi = getObject("winmgmts:\\.\root\cimv2")
set itemCpu = wmi.get("Win32_PerfRawData_PerfOS_Processor.Name='_Total'")
n = itemCpu.PercentProcessorTime

or:

set wmi = getObject("winmgmts:\\.\root\cimv2")
set colMem = wmi.execQuery(
    "select AvailableKBytes from Win32_PerfRawData_PerfOS_Memory",,48)

Now, I understand that these goes out to the CIM database and retrieve the relevant entries, and I think there's a disconnect between the collecting of information into that database and the extraction of it.

In other words, statistics are collected and written to the database by Windows regardless of whether anyone is requesting information from said database. My understanding can best be summed u开发者_C百科p as:

+------------+    req/       ======== 
| Monitoring |     resp     /        \     stats    +------------+
|  Processes |  <------->  < Database >  <--------  | Collectors |
|            |              \        /              +------------+
+------------+               ======== 

\_____________________________/    \_____________________________/
         On-demand                        Always happening

But I'm interested in the process whereby the database is populated, in more depth. Things like:

  • How can we tell how often, and under what circumstances, information is added to the database by the Windows "collectors"?
  • Does the Windows kernel write process information on every task switch?
  • Does it write memory information every second?
  • Does it only update the database on demand (when a monitoring application requests information)?

That's the sort of stuff I'm trying to find out.

Does anyone have that sort of information, or links to technically-minded articles or whitepapers on the subject?


In short, the WMI metabase is updated in real time. For example, view systems timezone class:

wmic timezone get /all /format:list

Then change the systems regional zone setting and re-check the timezone class again.

The UAC (from Win VISTA onwards) plays a greater part in WMI infrastructure: http://msdn.microsoft.com/en-us/library/windows/desktop/aa826699(v=VS.85).aspx

This turorial article (pretty good) describes the CIM architecture: http://www.wbemsolutions.com/tutorials/CIM/index.html

This MSDN article describes MOF: http://msdn.microsoft.com/en-us/library/windows/desktop/aa823192(v=vs.85).aspx

So in summary, there is no hard and fast rule for when the CIM database is re-populated, it depends on what the system is doing at the time and/or what a user does.


I'm not sure the information you require is really documented in depth anywhere.

From what I understand of WMI, it is all based around a consumer/provider mechanism and its the implementation of those providers that are responsible for keeping information up-to-date. Your scripts are then consumers.

One book I can recommend to you is "Developing WMI Solutions" by Craig Tunstall and Gwyn Cole. It's about 800 pages and I think it really contains more than enough detail for anyone that wants to work with WMI, including developing consumer applications and custom providers.

http://www.amazon.com/Developing-WMI-Solutions-Management-Instrumentation/dp/0201616130

0

精彩评论

暂无评论...
验证码 换一张
取 消