We just set up Nagios monitoring for some of our Windows (2003) servers, when looking at one of the servers I noticed this on the CPU graph
CPU Graph http://rmg.io/cms/wp-content/uploads/2011/10/showgraphCAB42ATB.png
There is clearly a (or more than one) process that is using 100% of one CPUs capacity, is there any way to identify this process? Task manager/perfmon only show total CPU usage, but our total usage is under 30% yet individual cores spike to 100% constantly.
Best Answer
I frequently use perfmon for such things. You can easily add per process counters and set it to record activity over time.
Additionally, the performance counter api is accessible via wmi namespace at win32_perfformatteddata* classes, for which you could write a script to execute and report perfdata back to your rrdtool instance (as that graph you've posted looks). Also take a look at nagios Exchange and munin's web page for add-ons that might fit your needs. (On train... Sorry for lack of linkage)
http://msdn.microsoft.com/en-us/library/aa394277(v=vs.85).aspx