FIGURE 33.5. Selecting properties for the event log.



Similar documents
MONITORING MICROSOFT WINDOWS SERVER 2003

Also on the Performance tab, you will find a button labeled Resource Monitor. You can invoke Resource Monitor for additional analysis of the system.

Performance and Reliability Monitoring Step-by-Step Guide for

MCTS Guide to Microsoft Windows 7. Chapter 10 Performance Tuning

Server Manager Performance Monitor. Server Manager Diagnostics Page. . Information. . Audit Success. . Audit Failure

MONITORING PERFORMANCE IN WINDOWS 7

Hands-On Microsoft Windows Server 2008

13 Managing Devices. Your computer is an assembly of many components from different manufacturers. LESSON OBJECTIVES

Viewing and Troubleshooting Perfmon Logs

Using Microsoft Performance Monitor. Guide

Hands-On Microsoft Windows Server 2008

How to Configure Microsoft System Operation Manager to Monitor Active Directory, Group Policy and Exchange Changes Using NetWrix Active Directory

Windows 2003 Performance Monitor. System Monitor. Adding a counter

WINDOWS PROCESSES AND SERVICES

12 NETWORK MANAGEMENT

4cast Client Specification and Installation

CentreWare Management Pack for System Center Operations Manager User Guide Version 1.8

Exclaimer Mail Archiver User Manual

Perfmon Collection Setup Instructions for Windows Server 2008+

System Monitor. Checklist: Monitoring performance. New ways to do familiar tasks. How to... Work with counters

Windows Server 2012 Server Manager

Spotlight on Active Directory Quick Start Guide

vtcommander Installing and Starting vtcommander

NETWRIX FILE SERVER CHANGE REPORTER

Omtool Server Monitor administrator guide

PCVITA Express Migrator for SharePoint(Exchange Public Folder) Table of Contents

If you re the unofficial administrator of your home or small

Sharpdesk V3.5. Push Installation Guide for system administrator Version

Understanding Performance Monitoring

Using Group Policies to Install AutoCAD. CMMU 5405 Nate Bartley 9/22/2005

EMC Celerra Network Server

SHARING FILE SYSTEM RESOURCES

Understanding Task Scheduler FIGURE Task Scheduler. The error reporting screen.

NE-2273B Managing and Maintaining a Microsoft Windows Server 2003 Environment

SCCM Client Checklist for Windows 7

Using Windows Administrative Tools on VNX

Outlook . Step 1: Open and Configure Outlook

Dell Active Administrator 8.0

5nine Hyper-V Commander

Chapter 3 Application Monitors

Load Manager Administrator s Guide For other guides in this document set, go to the Document Center

DigitalPersona Pro Server for Active Directory v4.x Quick Start Installation Guide

Test Note Phone Manager Deployment Windows Group Policy Sever 2003 and XP SPII Clients

Legal Notes. Regarding Trademarks KYOCERA Document Solutions Inc.

Releasing blocked in Data Security

SOLIDWORKS Enterprise PDM - Troubleshooting Tools

NetWrix SQL Server Change Reporter

NETWRIX WINDOWS SERVER CHANGE REPORTER

Lesson Plans Microsoft s Managing and Maintaining a Microsoft Windows Server 2003 Environment

VERITAS Backup Exec 9.1 for Windows Servers Quick Installation Guide

Create, Link, or Edit a GPO with Active Directory Users and Computers

Contents 1. Introduction 2. Security Considerations 3. Installation 4. Configuration 5. Uninstallation 6. Automated Bulk Enrollment 7.

NetWrix SQL Server Change Reporter

MCSE Objectives. Exam : TS:Exchange Server 2007, Configuring

Tool Tip. SyAM Management Utilities and Non-Admin Domain Users

Copyright

Administrator s Guide

Monitoring Oracle Enterprise Performance Management System Release Deployments from Oracle Enterprise Manager 12c

Understanding Operating System Configurations

Moving the Web Security Log Database

MAPILab Search for Exchange. Administrator s Guide. Version 1.3

MCTS Guide to Configuring Microsoft Windows Server 2008 Active Directory. Chapter 13: Server Management and Monitoring

There are numerous ways to access monitors:

June 20, Copyright 2012 by World Class CAD, LLC. All Rights Reserved.

Chapter. Managing Group Policy MICROSOFT EXAM OBJECTIVES COVERED IN THIS CHAPTER:

HarePoint Password Change Manual

Installing Management Applications on VNX for File

Administrator s Guide

Windows Firewall Configuration with Group Policy for SyAM System Client Installation

BACKUP MICROSOFT OUTLOOK/OUTLOOK EXPRESS

CONFIGURING MICROSOFT SQL SERVER REPORTING SERVICES

CONFIGURING TARGET ACTIVE DIRECTORY DOMAIN FOR AUDIT BY NETWRIX AUDITOR

Monitoring Replication

VMware vrealize Operations for Horizon Administration

HELP DOCUMENTATION E-SSOM DEPLOYMENT GUIDE

Thin Client Manager. Table of Contents. 1-10ZiG Manager. 2 - Thin Client Management. 3 - Remote client configurations. 1 of 16

Citrix EdgeSight User s Guide. Citrix EdgeSight for Endpoints 5.4 Citrix EdgeSight for XenApp 5.4

Event Based Interface


FileNet System Manager Dashboard Help

MCSE Core exams (Networking) One Client OS Exam. Core Exams (6 Exams Required)

Installation Guide - Client. Rev 1.5.0

Windows 2000 Professional User Manual

PCVITA Express Migrator for SharePoint (File System) Table of Contents

Out n About! for Outlook Electronic In/Out Status Board. Administrators Guide. Version 3.x

6.9. Administrator Guide

Module 12. Configuring and Managing Storage Technologies. Contents:

DeviceLock Management via Group Policy

ERserver. iseries. Work management

TECHNICAL DOCUMENTATION SPECOPS DEPLOY / APP 4.7 DOCUMENTATION

How To Set Up Safetica Insight 9 (Safetica) For A Safetrica Management Service (Sms) For An Ipad Or Ipad (Smb) (Sbc) (For A Safetaica) (

SonicWALL CDP 5.0 Microsoft Exchange InfoStore Backup and Restore

HyperFS PC Client Tools

Fairfield University Using Xythos for File Sharing

Microsoft IAS Configuration for RADIUS Authorization

NetWrix Account Lockout Examiner Version 4.0 Administrator Guide

NETWRIX CHANGE NOTIFIER

TROUBLESHOOTING INCORRECT REPORTING OF THE WHO CHANGED PARAMETER

Windows Operating Systems. Basic Security

GFI LANguard 9.0 ReportPack. Manual. By GFI Software Ltd.

Transcription:

1358 CHAPTER 33 Logging and Debugging Customizing the Event Log The properties of an event log can be configured. In Event Viewer, the properties of a log are defined by general characteristics: log path, current size, date created, when last modified or accessed, maximum size, and what should be done when the maximum log size is reached. To customize the event log, access the properties of the particular log by highlighting the log and selecting Action and then Properties. Alternatively, you can right-click the log and select Properties to display the General tab of the log s property page, as shown in Figure 33.5. FIGURE 33.5 Selecting properties for the event log. The Log Size section specifies the maximum size of the log and the subsequent actions to take when the maximum log size limit is reached. The three options are as follows:. Overwrite Events as Needed (Oldest Events First). Archive the Log When Full, Do Not Overwrite Events. Do Not Overwrite Events (Clear Logs Manually) If you select the Do Not Overwrite Events option, Windows Server 2008 R2 stops logging events when the log is full. Although Windows Server 2008 R2 notifies you when the log

Performance and Reliability Monitoring 1359 is full, you need to monitor the log and manually clear the log periodically so new events can be tracked and stored in the log file. In addition, log file sizes must be specified in multiples of 64KB. If a value is not in multiples of 64KB, Event Viewer automatically sets the log file size to a multiple of 64KB. When you need to clear the event log, click the Clear Log button in the lower right of the property page. Understanding the Security Log Effectively logging an accurate and wide range of security events in Event Viewer requires an understanding of auditing in Windows Server 2008 R2. It is important to know events are not audited by default. You can enable auditing in the local security policy for a local server, the domain controller security policy for a domain controller machine, and the Active Directory (AD) Group Policy Object (GPO) for a domain. Through auditing, you can track Windows Server 2008 R2 security events. It is possible to request that an audit entry be written to the security event log whenever certain actions are carried out or an object such as a file or printer in AD is accessed. The audit entry shows the action carried out, the user responsible for the action, and the date and time of the action. 33 Performance and Reliability Monitoring Performance is a basis for measuring how fast application and system tasks are completed on a computer and reliability is a basis for measuring system operation. How reliable a system is will be based on whether it regularly operates at the level at which it was designed to perform. Based on their descriptions, it should be easy to recognize that performance and reliability monitoring are crucial aspects in the overall availability and health of a Windows Server 2008 R2 infrastructure. To ensure maximum uptime, a wellthought-through process needs to be put in place to monitor, identify, diagnose, and analyze system performance. This process should invariably provide a means for quickly comparing system performances at varying instances in time, detecting, and potentially preventing a catastrophic incident before it causes system downtime. Performance Monitor, which is a Microsoft Management Console (MMC) snap-in, provides a myriad of tools for administrators so they can conduct real-time system monitoring, examine system resources, collect performance data, and create performance reports from a single console. This tool is literally a combination of three legacy Windows Server monitoring tools: System Monitor, Performance Monitor, and Server Performance Advisor. However, new features and functionalities have been introduced to shake things up, including Data Collector Sets, resource view, scheduling, diagnostic reporting, and wizards and templates for creating logs. To launch the Performance Monitor MMC snap-in tool, select Start, All Programs, Administrative Tools, Performance Monitor, or type perfmon.msc at a command prompt.

1360 CHAPTER 33 Logging and Debugging The Performance Monitor MMC snap-in is composed of the following elements:. Overview Screen. Performance Monitor. Data Collector Sets. Report Generation The upcoming sections further explore these major elements found in the Performance Monitoring tool. Performance Monitor Overview The first area of interest in the Performance Monitor snap-in is the Overview of Performance Monitor screen, also known as the Performance icon. It is displayed as the home page in the central details pane when the Performance Monitor tool is invoked. The Overview of Performance Monitor screen presents holistic, real-time graphical illustrations of a Windows Server 2008 R2 system s CPU usage, disk usage, network usage, and memory usage, as displayed in Figure 33.6. FIGURE 33.6 Viewing the Overview of Performance Monitor screen. Additional process-level details can be viewed to better understand your system s current resource usage by reviewing subsections beneath each metric being displayed. For

Performance and Reliability Monitoring 1361 example, the Memory section includes % Committed Bytes in Use, Available Mbytes, and Cache Faults/sec. The Overview of Performance Monitor screen is the first level of defense when there is a need to get a quick overview of a system s resources. If quick diagnosis of an issue cannot be achieved, an administrator should leverage the additional tools within Performance Monitor. These are covered in the upcoming sections. Performance Monitor Windows Server 2008 R2 comes with two tools for performance monitoring. The first tool is called Performance Monitor and the second tool is known as Reliability Monitor. In the previous release of Windows, the Reliability Monitor tool was included in the Reliability and Performance snap-in. With Windows Server 2008 R2, the Reliability Monitor tool has been removed from the Performance Monitor console. The improved Performance Monitor tool provides performance analysis and information that can be used for bottleneck, performance, and troubleshooting analysis. 33 First, defining some terms used in performance monitoring will help clarify the function of Performance Monitor and how it ties in to software and system functionality. The three components noted in Performance Monitor, Data Collector Sets, and Reports are as follows:. Object Components contained in a system are grouped into objects. Objects are grouped according to system functionality or by association within the system. Objects can represent logical entities such as memory or a physical mechanism such as a hard disk drive. The number of objects available in a system depends on the configuration. For example, if Microsoft Exchange Server is installed on a server, some objects pertaining to Exchange would be available.. Counter Counters are subsets of objects. Counters typically provide more detailed information for an object such as queue length or throughput for an object. The System Monitor can collect data through the counters and display it in either a graphical format or a text log format.. Instances If a server has more than one similar object, each one is considered an instance. For example, a server with multiple processors has individual counters for each instance of the processor. Counters with multiple instances also have an instance for the combined data collected for the instances. Performance Monitor provides an interface that allows for the analysis of system data, research performance, and bottlenecks. Performance Monitor displays performance counter output in line graphs, histogram (bar chart), and report format. The histogram and line graphs can be used to view multiple counters at the same time, as shown in Figure 33.7. However, each data point displays only a single value that is independent of its object. The report view is better for displaying multiple values.

1362 CHAPTER 33 Logging and Debugging FIGURE 33.7 The graph view of Performance Monitor. Launching Performance Monitor is accomplished by selecting Performance Monitor from the Monitoring Tools folder in the Performance Monitor MMC snap-in. You can also open it from a command line by typing Perfmon.msc. When a new Performance Monitor session is started, it loads a blank system monitor graph into the console with % Processor Time as the only counter defined. Adding Counters with Performance Monitor Before counters can be displayed, they have to be added. The counters can be added simply by using the menu bar. The Counter button on the toolbar includes Add, Delete, and Highlight. You can use the Add Counter button to display new counters. On the other hand, use the Delete Counter button to remove unwanted counters from the display. The Highlight Counter button is helpful for highlighting a particular counter of interest; a counter can be highlighted with either a white or black color around the counter. The following step-by-step procedures depict how to add counters to Performance Monitor: 1. In the navigation tree of Performance Monitor, first expand Performance, Monitoring Tools, and then Performance Monitoring. 2. Either click the Add icon in the menu bar or right-click anywhere on the graph and select Add Counters. NOTE Typical baseline counters consist of Memory - Pages/Sec, PhysicalDisk - Avg. Disk Queue Length, and Processor - % Processor Time.

2024 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information