Sunday 8 April 2012

How to Monitor Windows Server 2003

People monitor system resources in order to evaluate their computer workload, observe changes and trends in resource usage, test configuration changes, and diagnose problems.
Task manager presents a snapshot of programs and processes that are running on the computer and provides a summary of the computers processor and memory usage.

System monitor logs performance and memory usage and also generates alerts that provide detailed data about the resources by specific components of the operating system and computer.

Monitoring Event Logs
Events are user actions that are recorded based on an audit policy or any significant occurrence in Windows 2003 or in an application. Users monitor events to track and identify security events, resource use, or system and application errors. Windows 2003 observes 


Three types of logs:
  • Security events are recorded in the security log.
  • System events are recorded in the system log.
  • Application events are recorded in the Application log.

The Events log enables users to monitor information about hardware, software, system problems, and security. Users view these logs to detect activities and events that require attention.

System Logs contain events that Operating System components log. The Application Log contains events that Applications or Programs log. The Security Log contains events related to log on attempts and resource usage.

There are three types of System and Application events: Information, Warning, and Error.

Use Task Manager to Monitor System Resources
Task Manager provides real time information about applications currently running on systems, the processor and memory usage or any other data about those processors, and statistics on memory and processor performance.

Monitoring Programs: Use the task manager’s Application tab to view the status of applications running on the computer and to identify the process associated with an application.
Monitoring Processes: Use the Process tab to view a list of running processes and their measures. The processes and measures that appear run in their own address space, including all applications and system services. Both user and system can initialize a process but only a process that a user initializes can be ended.
Monitoring Performance: To monitor current computer performance, use the Performance tab. This tab displays a dynamic overview of the computers current performance including graph and numerical display of processor and memory usage.
Use System Monitor to Monitor System Performance
If a more detailed Performance overview than Task Manager is needed, use system monitor to obtain more comprehensive information about the computer or other computers on the network. Use system monitor to collect and view logged data about processor, disk, memory, network activity, etc. Use this information to diagnose how the system and applications are functioning to ensure that the system is being optimized. System Monitor information can be viewed in histogram, graph, or report form.

  • Objects: In system monitor, objects are major components or subsystems of the computer systems. They can be hardware such as hard disk or software such as process.
  • Instances: Instances are multiples of the same object type. For example, if a system has multiple processors, the processor object type will have multiple instances.
  • Counters: Counters gather data on different aspects of objects.
For example: the process object counters gather data on the processor time and then user time. Counters are built into the operating system and continuously capture data, whether it is visible in system monitor or not. If an object type has multiple instances, counters track status for each instance or the total of all instances.
Adding CountersBecause counters continually gather data on system performance, when counters are added, their displays in system monitor are being added.
Click Start, point to Programs, point to Administrative Tools, and click Performance.
Right click the System Monitor details pane then click Add Counters.
Click all counters or select counters from the list to choose individual counters.
If an object has instances, click all instances or select instances from the list to choose individual instances.
Click Add then Close the add counters dialog box.
After counters are added, their data can be viewed in real time. Data can be displayed in three ways:
  1. Histogram: Display data in a Bar chart.
  2. Report: Display Numerical data in columns.
  3. Chart: Display data in Line graph.

Alerts: Use alerts to notify a user or administrator when indications go beyond the limit specified. In addition, use performance logs to collect data on hardware resources, system services, and performance.

Alerts are useful when users are not actively monitoring a particular counter but want to be notified when it exceeds or falls below a specified value so that they can investigate and determine the cause of change. For example, a user can set an alert when the percentage of disk space usage exceeds 80% or the number of failed log on attempts exceed a specified number. There are three tasks involved in settings an alert. They are:
  • Select counters to track a specified system activity.
  • Set a threshold value for that activity.
  • Specify an action to take when the threshold is exceeded or falls below a specific value. The action can be to send a network message, run a program, or start a log.

Use performance logs and alerts in the performance console to set an alert. To set an alert do the following:
  • In the Console tree double click Performance Log and alerts then click Alert.
  • In the detail pane, right click new alert setting then provide a name for the alert.
  • On the General tab, enter a brief description of the alert setting file in the comment box.
  • Click Add to specify object counters and instances and updating information in the add counter dialog box.
  • After adding counters, specify properties for the sample interval and alert threshold on the general tab.
  • On the Action tab, ensure that log on entry in the application event log is selected. Specify a network message to be sent to the computer that triggers the alerts.

No comments:

Post a Comment

Do not post irrelevant comments, please!

Browser Name:
Browser Version:
Browser Code Name:
User-Agent: