Monitoring (i.e. reading performance metrics at an interval)
For traffic capturing, see Network - Trace (Capture|Sniffer|Analyzer) Tool (Packet Analysis)
nethogs: NetHogs is a small 'net top' tool. Instead of breaking the traffic down per protocol or per subnet, like most tools do, it groups bandwidth by process. Since NetHogs relies heavily on /proc, most features are only available on Linux.
OS - strace (Interactions between processes and the Linux kernel)
To start and monitor a new process:
strace -f -e trace=network -s 10000 PROCESS ARGUMENTS
To monitor an existing process with a known PID:
strace -p $PID -f -e trace=network -s 10000
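The following example is added here and is not part of the original page: it parses the output of the strace commands above and reports, per PID, the connect() destinations and the bytes moved by send*/recv* calls. The sample trace and the function name summarize are constructed for illustration.

```python
import re
from collections import defaultdict

# Constructed sample of `strace -f -e trace=network` output (not a real capture).
SAMPLE = r'''
[pid 4021] socket(AF_INET, SOCK_STREAM|SOCK_CLOEXEC, IPPROTO_TCP) = 3
[pid 4021] connect(3, {sa_family=AF_INET, sin_port=htons(443), sin_addr=inet_addr("192.0.2.10")}, 16) = -1 EINPROGRESS (Operation now in progress)
[pid 4021] sendto(3, "\26\3\1\2\0"..., 517, MSG_NOSIGNAL, NULL, 0) = 517
[pid 4021] recvfrom(3, "\26\3\3\0z"..., 16384, 0, NULL, NULL) = 1400
[pid 4022] connect(4, {sa_family=AF_INET6, sin6_port=htons(53), sin6_flowinfo=htonl(0), inet_pton(AF_INET6, "2001:db8::53", &sin6_addr), sin6_scope_id=0}, 28) = 0
[pid 4022] sendto(4, "\312\376\1\0"..., 40, 0, NULL, 0) = 40
[pid 4022] recvfrom(4, 0x7ffd1c, 2048, 0, NULL, NULL) = -1 EAGAIN (Resource temporarily unavailable)
'''

# Optional "[pid N] " (or "N " when written with -o), then call(fd, ...) = ret [ERRNO]
LINE = re.compile(r'^(?:\[pid\s+(\d+)\]\s+|(\d+)\s+)?(\w+)\((\d+),.*\)\s+=\s+(-?\d+)(?:\s+(\w+))?')
ADDR = re.compile(r'sin6?_port=htons\((\d+)\).*?(?:inet_addr\("([^"]+)"\)|inet_pton\(AF_INET6, "([^"]+)")')
SEND = {"send", "sendto", "sendmsg"}
RECV = {"recv", "recvfrom", "recvmsg"}

def summarize(trace_text):
    """Return {pid: {"connects": [(ip, port, result)], "sent": n, "received": n}}."""
    stats = defaultdict(lambda: {"connects": [], "sent": 0, "received": 0})
    for line in trace_text.splitlines():
        m = LINE.match(line.strip())
        if not m:
            continue  # socket(), blank lines, "<unfinished ...>"/"resumed" fragments
        pid = m.group(1) or m.group(2) or "-"  # "-" when strace printed no PID
        call, ret, errno = m.group(3), int(m.group(5)), m.group(6)
        if call == "connect":
            a = ADDR.search(line)
            if a:  # AF_UNIX and other families carry no IP/port and are skipped
                peer = a.group(2) or a.group(3)
                stats[pid]["connects"].append((peer, int(a.group(1)), errno or "ok"))
        elif call in SEND and ret > 0:  # read()/write() are not in trace=network
            stats[pid]["sent"] += ret
        elif call in RECV and ret > 0:
            stats[pid]["received"] += ret
    return dict(stats)

if __name__ == "__main__":
    for pid, s in summarize(SAMPLE).items():
        print(pid, s)
```

EINPROGRESS on connect() is the normal result for a non-blocking socket, so it is recorded rather than treated as a failure.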
procmon can capture network events. Open the chm file.
Process Monitor uses Event Tracing for Windows (ETW) to trace and record TCP and UDP activity. Each network operation includes the source and destination addresses, as well as the amount of data sent or received, but does not include the actual data.
set PM=C:\sysint\procmon.exe
REM start ensures that the process detaches from the console window, which allows it to run concurrently with the later commands.
start %PM% /quiet /minimized /backingfile C:\temp\notepad.pml
REM /waitforidle causes the batch file to pause until the first instance is up and running and actively capturing events.
%PM% /waitforidle
start /wait notepad.exe
REM /terminate causes the first instance to stop capturing, commit any outstanding data to the backing file and exit cleanly.
%PM% /terminate
where: start is the Dos - Start Command