SearchWindowsServer.com

Performance Logs and Alerts: A guide to the Windows Server 2003 utility

By Rahul Shah, Contributor

Windows Server 2003 comes with two performance monitoring tools which give administrators the data they need to find bottlenecks and for troubleshooting Windows.

I discussed System Monitor a previous article. In this tip I'll discuss the second tool, Performance Logs and Alerts.

The Performance Logs and Alerts utility has two types of performance-related logs: counter logs and trace logs. These logs are used for advanced performance analysis and data logging over a period of time. The utility also has a mechanism to trigger alerts.

Some performance analysis improvements are new in Windows Server 2003. One is the ability to run log collections under different accounts. For example, if you need to log data from a remote server that requires administrator privileges, the system will allow you to specify an account with the necessary permissions using the Run As feature. Another improvement is the ability to support log files greater than 1GB. Performance data can also be appended to an existing log file because of the new log file format.

Note: Data collection occurs regardless of whether a user is logged on to the server being monitored because logging runs as a service.

The three components to Performance Logs and Alerts are trace logs, counter logs and alerts.

Configuring trace logs

Configuring and enabling trace logs to monitor the activities of an application or environment variable is simply a matter of creating a trace log filename and enabling logging. To create a trace log:

  1. Launch the Performance monitoring tool from Start -> Programs -> Administrative Tools -> Performance.
  2. Double-click Performance Logs and Alerts and click once on trace logs.
  3. Right-click a blank area of the details pane on the right of the window and click New Log Settings.
  4. In the Name field, type the name of the trace log you want to create. Click OK.

For a list of installed providers and their status (enabled or not), click Provider Status in the General tab. By default, the Nonsystem Providers option is selected to keep trace logging overhead to a minimum. Click Events Logged by System Provider and check the boxes as appropriate to define events for logging.

On the Log File tab, you can configure the log to be circular, so that when the log file reaches a predetermined size, it will be overwritten.

About the author: Rahul Shah currently works at a software firm in India, where he is a systems administrator maintaining Windows servers. He has also worked for various software firms in testing and analytics, and also has experiences deploying client/server applications in different Windows configurations.

More information on this topic:

02 Mar 2007

All Rights Reserved, Copyright 2000 - 2024, TechTarget | Read our Privacy Statement