Replace wmi queries with win32 api calls#116
Merged
narph merged 10 commits intoelastic:masterfrom Apr 24, 2019
Merged
Conversation
Fixes elastic/beats#11840 Addresses high CPU load on windows
andrewkroh
reviewed
Apr 19, 2019
sigar_windows.go
Outdated
| args = nil | ||
| } | ||
| } | ||
| var process = Win32_Process{CommandLine: &args[0]} |
Member
There was a problem hiding this comment.
I think we can remove the Win32_Process struct completely.
sigar_windows.go
Outdated
| if err != nil { | ||
| return nil | ||
| } | ||
| var args []string |
Member
There was a problem hiding this comment.
Instead of creating a variable, what about just using self.List directly?
narph
changed the title
ruflin
approved these changes
Apr 24, 2019
ruflin
reviewed
Apr 24, 2019
CHANGELOG.md
Outdated
| ### Fixed | ||
| - Added missing runtime import for FreeBSD. #104 | ||
| - Handle nil command line in Windows processes. #110 | ||
| - Replaced the WMI queries with win32 apis due to high CPU usage. #11840 |
rubionic
added a commit
to rubionic/gosigar
that referenced
this pull request
Oct 3, 2025
This PR combines two critical fixes: 1. macOS Fix (from cloudfoundry#77): - Updates sigar_darwin.go to use unix.SysctlUint64() for reading sysctl values - Fixes checkptr violations in Go 1.22+ when accessing uint64 values 2. Windows Fix (from elastic#116): - Implements ProcArgs.Get() using Win32 API instead of returning ErrNotImplemented - Replaces WMI queries with direct ReadProcessMemory and NtQueryInformationProcess calls - Adds helper functions: GetUserProcessParams, ReadProcessUnicodeString, ByteSliceToStringSlice - Adds syscall bindings for ReadProcessMemory and GetTickCount64 Fixes rkoster/rubionic-workspace#38
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
3 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Fixes elastic/beats#11840
Alternative to disable config option here elastic/beats#3249
Addresses high CPU load on windows