Scenario
Are you having issues with the performance of your PC or server? If so, you can use Microsoft's Performance Monitor to see performance trends over a period of time. In this post, I will talk about how to collect the data you need in order to assess your issue. I will talk more about analysis of the data you collect in other posts.Overall Steps for Data Collection
- Create two DCS.
- Start both DCS.
- Wait for the performance issue to occur.
- After you are sure that you captured data during the problem, stop the DCR.
We will be creating two separate data collector sets. We will basically create two identical data collector sets. The only difference between the two sets will be the polling interval. Performance Monitor data collector sets poll data collectors providers at a whatever interval you specify. We will set one of the intervals to 2 seconds and the other to 4 minutes.
Why would we do this?
In order to catch problems related to the CPU, we will need to poll at intervals no greater than 3 seconds. For memory issues, we need the interval to be longer. We will be creating circular logs which will overwrite the oldest data once they reach their size limit. In the case of memory issues, we usually want to collect data over a period of days or even weeks.
Creating The Data Collector Sets
- Open a command prompt with elevated (run as administrator) rights.
- Copy the command below into the command prompt window and hit Enter (note: you may need to copy into a text file to remove formatting and then copy into command prompt).
Logman.exe create counter PerfLog-LongInterval -o "c:\perflogs\PerfLog-LongInterval.blg" -f bincirc -v mmddhhmm -max 500 -c "\LogicalDisk(*)\*" "\Memory\*" "\.NET CLR Memory(*)\*" "\Cache\*" "\Network Interface(*)\*" "\Netlogon(*)\*" "\Paging File(*)\*" "\PhysicalDisk(*)\*" "\Processor(*)\*" "\Processor Information(*)\*" "\Process(*)\*" "\Thread(*)\*" "\Redirector\*" "\Server\*" "\System\*" "\Server Work Queues(*)\*" "\Terminal Services\*" -si 00:04:00Now copy this command into the command prompt and hit Enter:
Logman.exe create counter PerfLog-ShortInterval -o "c:\perflogs\PerfLog-ShortInterval.blg" -f bincirc -v mmddhhmm -max 500 -c "\LogicalDisk(*)\*" "\Memory\*" "\.NET CLR Memory(*)\*" "\Cache\*" "\Network Interface(*)\*" "\Netlogon(*)\*" "\Paging File(*)\*" "\PhysicalDisk(*)\*" "\Processor(*)\*" "\Processor Information(*)\*" "\Process(*)\*" "\Thread(*)\*" "\Redirector\*" "\Server\*" "\System\*" "\Server Work Queues(*)\*" "\Terminal Services\*" -si 00:00:02Ok, what did you just do by entering those commands into the command prompt? Well, you just created two custom data collector sets that you can now view in Windows Performance Monitor.
Go to Start > Run and then type in perfmon.
You should see two new DCR, where one is called "Perflog-LongInterval" and the other is called "PerfLog-ShortInterval". You can now right click on them and select start to get them started. That's all you need to do to create them and start them.
What's nice about these data collector sets is that they run at a low priority. So if your system starts to use up resources, these collector sets will have a minimal impact on the performance of your computer or server.
The other nice thing is that you can start them and let them run. They are circular. They will grow to a size of 500MB and then overwrite older data. So between the both of them you should not use up more than one Gig of hard drive space.
I cannot emphasize this enough... In order for your data to be useful, these need to be running while you are experiencing your performance issue AND they need to be stopped right after the problem occurs.
If you don't stop them after the problem occurs, they may get overwritten (because they don't get larger than 500MB) and the useful data will be gone.
You can also start and stop these data collector sets via the command prompt. To do so, the command is fairly straight forward. I'll use the name of the data collector set we just created, but you will need to substitute a different name below if your data collector set has a different name.
Logman.exe start PerfLog-LongInterval
Logman.exe start PerfLog-ShortInterval
To stop a data collector set, you can use the following command (again if you name it differently, then change the name)...
Logman.exe stop PerfLog-LongInterval
Logman.exe stop PerfLog-ShortInterval
What if my computer or server is locking up or getting the blue screen of death?
Sometimes your computer or server may lock up completely so that you are unable to login to the computer to stop the data collector sets. If this is the case, the data that you are collecting will likely become corrupt and unusable. If that is the case, you can setup a data collector set to run from another computer.
If you want to do this, you will need to do the following:
Set Server Name
On the monitoring computer, open an administrative command prompt and enter this command:
set srv=servername
NOTE: servername is the name of the server that will be monitored
Next enter these commands to setup the data collector sets:
NOTE: replace %domain%\%username% with the domain and user account that has admin permissions on the server being monitored in standard domain\user format.
NOTE: replace %password% with the password for this account
logman.exe create counter -n remotelonginterval -f bincirc -u %domain%\%username% %password% -si 00:04:00 -o "c:\perflogs\perflog1.blg" -v mmddhhmm -max 500 -c "\\%srv%\LogicalDisk(*)\*" "\\%srv%\Memory\*" "\\%srv%\.NET CLR Memory(*)\*" "\\%srv%\Cache\*" "\\%srv%\Network Interface(*)\*" "\\%srv%\Paging File(*)\*" "\\%srv%\PhysicalDisk(*)\*" "\\%srv%\Processor(*)\*" "\\%srv%\Processor Information(*)\*" "\\%srv%\Process(*)\*" "\\%srv%\Redirector\*" "\\%srv%\Server\*" "\\%srv%\System\*" "\\%srv%\Server Work Queues(*)\*"
logman.exe create counter -n remoteshortinterval -f bincirc -u %domain%\%username% %password% -si 00:00:02 -o "c:\perflogs\perflog2.blg" -v mmddhhmm -max 500 -c "\\%srv%\LogicalDisk(*)\*" "\\%srv%\Memory\*" "\\%srv%\Cache\*" "\\%srv%\Network Interface(*)\*" "\\%srv%\Paging File(*)\*" "\\%srv%\PhysicalDisk(*)\*" "\\%srv%\Processor(*)\*" "\\%srv%\Processor Information(*)\*" "\\%srv%\Process(*)\*" "\\%srv%\Redirector\*" "\\%srv%\Server\*" "\\%srv%\System\*" "\\%srv%\Server Work Queues(*)\*"
Note that in the above commands, I have named them differently than the first data collector sets we created. The names are "remotelonginterval" and "remoteshortinterval" respectively. Also, when you enter your domain, username, and password, be sure to remove the % signs.
Some Prerequisites for remote monitoring:
- Select a Windows XP or higher system with solid network connection to the server to use as the monitoring system.
- The monitoring computer will need to stay on and available throughout the tracing.
- If this monitoring computer is restarted, the logs will need to be started again using the commands below.
How Do I View My Results?
After you stop the data collector sets, you can now go to Reports under User Defined to view your results.
Once you have this, you can begin analysis of your system. You should capture as long an interval as you can to see trends. You can perform analysis on your own using the data you captured. You can also use an analysis tool called PAL.
https://pal.codeplex.com/
However, even using this tool requires you to know something about the data you are looking at. Unfortunately, it's not a tool that gives you a clear and definitive analysis of your system performance. That being said, it may help you if you don't know what to look for.
No comments:
Post a Comment