OverviewCloudamize relies on Windows performance counters to provide accurate usage data for a system's CPU, memory, storage, networking, and more. These performance counters can become corrupt in a number of ways, and Cloudamize is unable to collect the accurate data needed to perform an assessment and provide useful results. The only way to perform an assessment when this occurs is to fix the underlying problem with the performance counters. Show
Solution #1 - AutomaticThe first solution to try when Windows performance counters are known to be corrupt is attempt to automatically restore the performance counter registry settings. This is done by running a single command from the Windows Command Prompt. Follow the steps below to attempt this fix:
After running the lodctr command, you will see output as to whether this command succeeded or not. If the command reports success, you should verify that the Windows performance counters are actually restored. You can manually check if the counters are available using the Windows Performance Monitor tool. Follow these steps to test if the performance counters are restored:
If the counters are working correctly, you should see data being plotted in the PerfMon main window. You should also check that installed performance counters are enabled using the command Any disabled counters will appear with their name in [] and the disabled message, for example if OS performance counters are disabled you might see:
CODE To enable any disabled counters, use the command:
CODE Using the above example for OS performance counters (PerfOS), the command used would be: This will set that counter to enabled, which you can confirm with the lodctr command with /Q again. Please contact if you have not already been instructed as to which performance counters are missing, or if you have any additional questions on this process. Solution #2 - ManualThe second solution to try may be necessary when automatically restoring the performance counter registry settings does not fix the problem. This solution involves checking that counters are not disabled in the registry, and if necessary, manually rebuilding the performance counter library values. We strongly recommend backing up your registry settings before manually changing any values. There are two guides from Microsoft's support site which walk you through these processes, including how to backup the registry settings: Manually Rebuild Performance Counter Library Values (Server 2008 and 2008 R2) Manually Rebuild Performance Counter Library Values After attempting to rebuild the Windows performance counters, you should use the above steps to manually validate success using PerfMon. Then, contact and let us know which steps you have taken and if you were able to restore the counters so that we may continue data collection. Lesson 1: Monitoring serversUnwatched servers, like unwatched children, invariably end up in a chaotic state. Monitoring a server using data collector sets, alerts, and events enables you to keep an eye on the server’s performance and configuration. Although effective monitoring is unlikely to stop a server from ever experiencing problems, it often provides warning signs about developing problems, giving you a chance to resolve them before they cause a service disruption. In this lesson, you learn how to configure data collector sets, manage alerts, monitor events, and perform network monitoring. Configuring data collector setsData collector sets enable you to collect performance data, system configuration information, and statistics into a single file. You can use Performance Monitor or other third-party tools to analyze this information to make a determination about how well a server is functioning against an assigned workload. You can configure data collector sets to include the following:
Windows Server 2012 and Windows Server 2012 R2 include the following built-in data collector sets, as shown in Figure 10-1. FIGURE 10-1 Built-in data collector sets
To create a data collector set, perform the following steps:
You can schedule when a data collector set runs by configuring the Schedule tab of a data collector set’s properties as shown in Figure 10-6. FIGURE 10-6 Configure data collector set schedule Managing alertsPerformance counter alerts enable you to configure a task to run when a performance counter, such as available disk space or memory, falls under or exceeds a specific value. To configure a performance counter alert, you create a new data collector set, choose the Create Manually option, and select the Performance Counter Alert option, as shown in Figure 10-7. FIGURE 10-7 Configuring the performance counter alert You add the performance counter, threshold value, and whether the alert should be triggered if the value exceeds or falls below this value. Figure 10-8 shows an alert that is triggered when the amount of available memory falls below 512 megabytes. FIGURE 10-8 Setting an alert threshold When you create an alert, all it does when triggered is to add an event to the event log. You can also configure an alert to run a scheduled task when triggered. You do this by editing the properties of the alert and specifying the name of the scheduled task on the Task tab, as shown in Figure 10-9. FIGURE 10-9 Running a scheduled task Monitoring events with viewerEvent Viewer, shown in Figure 10-10, enables you to access recorded event information. The Windows Server 2012 and Windows Server 2012 R2 Event Viewer differs from the Event Viewer in earlier versions of the Windows Server operating system, such as Windows Server 2003, in that it not only offers the application, security, setup, and system logs, but it also contains separate application and service Logs. These logs are designed to provide information on a per-role or per-application basis, rather than having all application and role service-related events funneled into the application log. When searching for events related to a specific role service, feature, or application, check to see whether that role service, feature, or application has its own application log. Event log filtersFilters and event logs enable you to view only those events that have specific characteristics. Filters apply only to the current Event Viewer session. If you constantly use a specific filter or set of filters to manage event logs, you should instead create a custom view. Filters apply only to a single event log. You can create filters on a log based on the following properties:
To create a filter, perform the following steps:
Event log viewsEvent log views enable you to create customized views of events across any event log stored on a server, including events in the forwarded event log. Rather than looking through each event log for specific items of interest, you can create event log views that target only those specific items. Event Viewer includes a custom view named Administrative Events. This view displays critical, warning, and error events from a variety of important event logs such as the application, security, and system logs. Views differ from filters in the following ways:
Creating an event log view is a similar process to creating a filter. The primary difference is that you can select events from multiple logs, and you give the event log view a name and choose a place to save it. To create an event log view, perform the following steps:
You can export a custom event log view by selecting the event log view and clicking Export Custom View. Exported views can be imported on other computers running Windows Server 2012 and Windows Server 2012 R2. Configuring event subscriptionsEvent log forwarding enables you to centralize the collection and management of events from multiple computers. Rather than having to examine the event log of each computer by making a remote connection to that computer, event log forwarding enables you to do one of the following:
Event log forwarding enables you to configure the specific events that are forwarded to the central computer. This enables the computer to forward important events. It isn’t necessary to forward all events from the source computer. If you discover something that warrants further investigation from the forwarded traffic, you can log on to the original source computer and view all the events from that computer in a normal manner. Event log forwarding uses Windows Remote Management (WinRM) and the Windows Event Collector (wecsvc). You need to enable these services on computers that function as event forwarders and event collectors. You configure WinRM using the winrm quickconfig command. You configure wecsvc using the wecutil qc command. If you want to configure subscriptions from the security event log, you need to add the computer account of the collector computer to the local Administrators group on the source computer. To configure a collector-initiated event subscription, configure WinRM and Windows Event Collector on the source and collector computers. In the Event Viewer, configure the Subscription Properties dialog box, shown in Figure 10-14, with the following information:
FIGURE 10-14 Configuring a collector-initiated event subscription If you want to instead configure a source computer-initiated subscription, you need to configure the following group policies on the computers that will act as the event forwarders:
Both of these policies are located in the Computer Configuration\Policies\Administrative Templates\Windows Components\Event Forwarding node. When configuring the subscription, you must also specify the computer groups that hold the computer accounts of the computers that will be forwarding events to the collector. You do this in the Computer Groups dialog box, as shown in Figure 10-15. FIGURE 10-15 Configuring subscription computer groups for the subscription Attaching event-driven tasksEvent Viewer enables you to attach tasks to specific events. A drawback to the process of creating event-driven tasks is that you need to have an example of the event that triggers the task already present in the event log. Events are triggered based on an event having the same log, source, and event ID. To attach a task to a specific event, perform the following steps:
Performing network monitoringNetwork monitoring enables you to track how a computer interacts with the network. Through network monitoring, you can determine which services and applications are using specific network interfaces, which services are listening on specific ports, and the volume of traffic that exists. There are two primary tools through which you can perform network monitoring on computers running Windows Server 2012 and Windows Server 2012 R2:
Resource MonitorResource Monitor enables you to monitor how a computer running the Windows Server 2012 and Windows Server 2012 R2 operating system uses CPU, memory, disk, and network resources. Resource Monitor provides real time information. You can’t use Resource Monitor to perform a traffic capture and review activity that occurred in the past. You can use Resource Monitor to view activity that is currently occurring. The Network tab of Resource Monitor is shown in Figure 10-19. Resource Monitor provides the following information that is relevant to network monitoring:
Message AnalyzerMicrosoft Message Analyzer is the successor to Network Monitor. You can use Message Analyzer to perform network traffic capture and analysis. Message Analyzer also functions as a replacement for LogParser, which enables you to manage system messages, events, and log files. When performing a capture, you select the scenario that best represents the type of event about which you are interested in capturing traffic. For example, the LAN scenario, shown in Figure 10-20, enables you to capture traffic on local area network (LAN) interfaces. When performing certain types of network traffic capture, you need to run Message Analyzer using an account that is a member of the local Administrators group. After the capture has been performed, you can analyze the content of each message, as shown in Figure 10-21. By applying appropriate filters, you can locate network traffic that has specific characteristics, such as using a particular TCP port, source, or destination address. Lesson summary
Lesson reviewAnswer the following questions to test your knowledge of the information in this lesson. You can find the answers to these questions and explanations of why each answer choice is correct or incorrect in the “Answers” section at the end of this chapter.
Which tool you will be using in the Windows performance issue?Although Windows 10 includes a number of tools to troubleshoot performance issues, such as the "Performance" tab in Task Manager, you'll find that the Performance Monitor is the most complete tool you can use to view and analyze application and hardware data to fix system performance related problems.
How do I add a performance counter?In the navigation pane, expand Monitoring Tools, and then choose Performance Monitor. In the console pane toolbar, choose the Add button. In the Add Counters window, in the Select counters from computer drop-down list, choose the computer that is running Business Central Server.
Which Windows tool would you use to check the performance of system resources?From the Monitoring Tools icon you can right click and launch the Resource Monitor. Resource Monitor is another powerful tool that can help you see how your system resources are being used. You also have the ability to launch the System Reliability Monitor.
How do I monitor Windows server performance?How to Monitor Server Performance. App performance monitoring.. App management functions.. A centralized logging tool.. A line-by-line view of your code and how it fits with the bigger picture.. Robust error tracking reports.. A suite of real-time server monitoring functions.. Individual user monitoring functions.. |