Using SysInternals Process Monitor (procmon.exe or procmon64.exe), how do I trace a process with a given PID and its child processes?
My first (naïve) idea was to include both "PID is 1234" and "Parent PID is 1234" predicates -- only to find out that they are joined using AND rather than OR, and thus are mutually exclusive.
Is it possible to somehow join filters with OR?