Windbg - How can I Dump Strings which match a give

Published 2019-07-07 02:08

Question:

One can dump all the strings using the following command: !dumpheap -type System.string

How can I dump or print only those strings which start with or contain a specific "string"?

Example: I am only interested in viewing the strings which contain "/my/app/request".

Answer 1:

Use sosex instead of sos for this. It has a !strings command which allows you to filter strings using the /m:<filter> option.



Answer 2:

Use !sosex.strings. See !sosex.help for options to filter strings based on content and/or length.



Answer 3:

Not sure if !dumpheap supports that. You can always use .logopen to redirect the output to a file and post-process that. For a more elegant (and thus more complicated) solution, you can also use .shell to redirect the command output to a shell process for parsing. Here's an example:

http://blogs.msdn.com/b/baleixo/archive/2008/09/06/using-shell-to-search-text.aspx

You can also see the .shell documentation for more details:

http://msdn.microsoft.com/en-us/library/windows/hardware/ff565339(v=vs.85).aspx



Answer 4:

If you really want to go without SOSEX, then try

.foreach (string {!dumpheap -short -type System.String}) { .foreach (search {s -u ${string}+c ${string}+c+2*poi(${string}+8) "mySearchTerm"}) { du /c80 ${string}+c }}

It uses

  • !dumpheap to get all Strings on the .NET heap
  • .foreach to iterate over them
  • s to search for a substring
  • .foreach again to find out if s found something
  • some offset calculations to get the first character (+c) of the string and the string length (+8) (multiplied by 2 to get bytes instead of characters). Those need to be adapted in case of 64-bit applications

The /c80 is just for nicer output. You could also use !do ${string} instead of du /c80 ${string}+c if you like the .NET details of the String.
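Added example, not part of any answer above: a small Python post-processor that does offline what Answer 3 (.logopen plus post-processing) and Answer 4 (the offset-based .foreach/s pipeline) describe. It filters `du` output lines from a WinDbg log by substring, and it decodes constructed String object images using the same idea as the answer's offset arithmetic (an int32 length field and UTF-16 characters at a fixed offset, with the byte count being 2 times the length). The length and first-character offsets are parameters because they depend on CLR version and bitness; the values used in the demo (+8 and +c) are the ones from Answer 4, and the log lines and heap objects below are constructed, not captured from a real process.

```python
"""Filter .NET strings from a WinDbg log, or from raw String object images.

Added example; not code from the original question or answers.
Assumptions: a log produced with .logopen, "!dumpheap -short -type System.String"
and one "du /c80 <addr>+<chars_offset>" per object; String objects laid out as
[MethodTable pointer][padding][int32 length at length_offset][UTF-16LE chars at
chars_offset]. All sample data below is constructed.
"""
import re
import struct

# A `du` output line: hex address (optionally with a ` separator on x64),
# whitespace, then the text in double quotes. Prompt lines ("0:000> ...") and
# bare !dumpheap -short addresses do not match and are skipped.
DU_LINE = re.compile(r'^(?P<addr>[0-9a-fA-F`]+)\s+"(?P<text>.*)"\s*$')


def filter_du_log(lines, needle):
    """Return (address, text) pairs for every `du` line whose text contains needle."""
    hits = []
    for line in lines:
        m = DU_LINE.match(line)
        if m and needle in m.group("text"):
            hits.append((m.group("addr"), m.group("text")))
    return hits


def decode_dotnet_string(obj, length_offset, chars_offset):
    """Decode a raw String object image.

    Same arithmetic as the answer's "2*poi(addr+8)" byte count: read the int32
    length, then take 2*length bytes of UTF-16LE starting at chars_offset.
    """
    (n,) = struct.unpack_from("<i", obj, length_offset)
    return obj[chars_offset:chars_offset + 2 * n].decode("utf-16-le")


def build_dotnet_string(text, length_offset, chars_offset):
    """Build a constructed String object image (MethodTable pointer zeroed) for demos/tests."""
    body = bytearray(chars_offset)            # header: fake MT pointer + padding
    struct.pack_into("<i", body, length_offset, len(text))
    body += text.encode("utf-16-le") + b"\x00\x00"   # chars plus terminating NUL
    return bytes(body)


def find_matching_objects(heap, needle, length_offset, chars_offset):
    """Offline equivalent of the .foreach/s pipeline: heap maps object address
    to its raw bytes; return the addresses whose string contains needle."""
    return [addr for addr, obj in sorted(heap.items())
            if needle in decode_dotnet_string(obj, length_offset, chars_offset)]


# Constructed sample log, shaped like the output of the commands in the docstring.
SAMPLE_LOG = """\
0:000> !dumpheap -short -type System.String
02a31234
02a35678
0:000> du /c80 02a31234+c
02a31240  "/my/app/request?id=7"
0:000> du /c80 02a35678+c
02a35684  "unrelated text"
"""

# Constructed heap using the +8 (length) / +c (first char) offsets from the answer.
LENGTH_OFFSET, CHARS_OFFSET = 0x8, 0xC
SAMPLE_HEAP = {
    0x02A31234: build_dotnet_string("/my/app/request?id=7", LENGTH_OFFSET, CHARS_OFFSET),
    0x02A35678: build_dotnet_string("unrelated text", LENGTH_OFFSET, CHARS_OFFSET),
}

if __name__ == "__main__":
    for addr, text in filter_du_log(SAMPLE_LOG.splitlines(), "/my/app/request"):
        print(f"{addr}  {text!r}")
    for addr in find_matching_objects(SAMPLE_HEAP, "/my/app/request",
                                      LENGTH_OFFSET, CHARS_OFFSET):
        print(f"{addr:08x}  {decode_dotnet_string(SAMPLE_HEAP[addr], LENGTH_OFFSET, CHARS_OFFSET)!r}")
```

To use it against a real session, write the log with .logopen, run !dumpheap -short and one du per address, then call filter_du_log on the file's lines; for the raw-object path, pass the length and first-character offsets that match the target process rather than the demo constants.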



Tags: windbg sos