Diagnostic logging is a highly underrated tool for getting to the heart of different sorts of problems. Windows comes with a global switch to enable verbose diagnostic logging (into the system log) for all applications and services that support it.
To turn on verbose logging:
From this point on, every time the system is started or shut down, or when a user logs off or on, detailed information about the startup/shutdown or about the verification of the user's credentials will be written to the system log. One of the advantages of using this approach is that it involves an easily-leveraged tool that's already built into Windows: the system event log. If you have tools that query the event log automatically (or even manually) you can gather this sort of information from one or even a whole slew of systems that may be experiencing the same problems.
One possible application for this is analyzing slow startup times: since each log entry is timestamped accurate to the second, you can glean detailed information about where things may be held up. (As a side note, one
| of the major reasons for slow startups or logons is slow authentication across a network, or DNS queries that resolve to the wrong server.)
Note that if a particular logging action has no verbose mode, this will not affect anything; this setting simply indicates that any program that writes to the log in both brief and verbose modes should use verbose mode.
Serdar Yegulalp is the editor of the Windows 2000 Power Users Newsletter. Check out his Windows 2000 blog at http://www.thegline.com/win2kblog/ for his latest advice and musings on the world of Windows network administrators -- please share your thoughts as well!
This was first published in April 2003