
Post on 20-Jan-2016


Windows monitoring

Unit objectives:
– Monitor the operating system
– Monitor system performance
– Backup and restore operating system files and data

Topic A

Topic A: System monitoring
Topic B: System performance
Topic C: Backup and restore

Windows Diagnostics

Start, All Programs (or Programs), Accessories, System Tools menu

msinfo32
Collects and displays information about configuration of specified computer
System Information window
– Hardware Resources
– Components
– Software Environment
– Internet Settings (not in Windows 7 or Vista)

System Information window

Remote computer information

1. Choose View, Remote Computer

2. Enter the name of the computer
– Remote computer — WMI installed
– Need appropriate privileges on remote computer

Activity A-1

Running Windows Diagnostics

Command-line system information

path\msinfo32
Full path required for command-line functionality
Windows 7 and Vista parameters and switches
– /nfo Path
– /report Path
– /computer ComputerName

Command-line information, continued

Windows XP/2000 parameters and switches
– /pch
– /report:filename.ext
– /computer:computername
– /category:categoryname
– /categories:categorylist
– /showcategories
– /?

Activity A-2

Running msinfo32 from a command line

DirectX Diagnostic

dxdiag.exe
Windows Vista — View status of DirectX installation
Windows XP/2000 — Test and troubleshoot video- or sound-related hardware problems
Check for drivers’ digital signatures

DirectX Diagnostic Tool

DirectX Diagnostic pages

System
DirectX Files — Windows XP/2000
Display
Sound
Music — Windows XP/2000
Input
Network — Windows XP/2000
More Help — Windows XP/2000

Activity A-3

Running the DirectX Diagnostic tool

Task Manager

Provides information on applications, processes, and services running on computer

Tabs
– Applications
– Processes
– Performance
– Networking — Windows 7/Vista/XP
– Users — Windows 7/Vista/XP
– Services — Windows 7/Vista

Windows Task Manager

The Applications tab

End a running application
– GPFs have occurred and applications don’t respond to keyboard or mouse input
Switch to another application
– The app is running in the background or doesn’t have a taskbar button displayed
Start a new instance of an application
– Explorer.exe process has stopped and you have lost your Start menu, taskbar, and desktop items

Activity A-4

Monitoring applications

The Processes tab

Use to determine if a running process is overwhelming the processor and slowing down the system

If a process has a high percentage of CPU usage that doesn’t return to normal, you might have to end the process

Also use to end an application that won’t end when you try to do so on the Applications tab

Activity A-5

Ending a process

The Services tab

Linked to the Processes tab
Highlights a service’s associated process
Shows processes from all users
Also works in reverse: shows services associated with a process

Activity A-6

Monitoring services

The Networking tab

Use to view computer’s network bandwidth

Displays a combination of the network traffic for all NICs

Can compare traffic on each NIC

Can customize data columns displayed

Activity A-7

Monitoring network utilization

The Users tab

Use to:
– Monitor users logged on to the computer
– Disconnect users
– Send users messages

Data columns:
– User
– ID
– Status
– Client Name
– Session

Activity A-8

Monitoring users

Computer Management

Monitor system events
Create and manage shared resources
Determine which users are connected to monitored system
Start and stop services
Set properties for storage devices
View device configurations
Add or change device drivers
Manage applications and services

Event Viewer

Use to monitor events
Determine cause of problems with
– Application
– Component of operating system
– Suspected security breach

Event Viewer window (screenshot): Console tree, Scope pane, Actions pane

Event Viewer categories

Application
Security
System
Setup (Windows 7/Vista)
Forwarded Events (Windows 7/Vista)

Event information

Level (7/Vista); Type (XP/2000)
Date
Time
Source
Task Category (7/Vista); Category (XP/2000)
Event ID (7/Vista); Event (XP/2000)
User
Computer

Event types

Error
Warning
Information
Success Audit (Security Log only)
Failure Audit (Security Log only)

Event Properties

Activity A-9

Viewing the event logs

Sorting events

Default — Events are listed from the newest to the oldest, by date and time

Can change the sort order
– Click any column heading
– One click = ascending order
– Second click = descending order

To return to default view, choose View, Newest First


Grouping events

Group events by column heading
Choose View, Group By, and choose a column heading
To return to default view, choose View, Remove grouping of events


Filtering events

Filtering displays only certain events
Filter criteria:
– Logged
– Level (in Windows 7/Vista)
– Event sources or Source
– Event ID
– Task category
– Keywords
– User
– Computer
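The same filter criteria can be applied from a script, which helps when the Security log is being checked for a suspected breach. This is an added example, not part of the original slides; it assumes Windows Vista/7 or later with PowerShell, an elevated session, and that Failure Audit events in the last 24 hours are what you want to review.

```powershell
# Added example, not from the slides. Run elevated: reading the Security log
# requires administrator rights.

# Standard keyword bit carried by Failure Audit events (0x10000000000000).
$auditFailure = [long]4503599627370496

# Each key corresponds to a filter criterion listed on the slide.
$filter = @{
    LogName   = 'Security'                  # which log to search
    Keywords  = $auditFailure               # Keywords
    StartTime = (Get-Date).AddHours(-24)    # Logged: last 24 hours
    # Id           = <event ID>             # Event ID (optional)
    # ProviderName = <source name>          # Event sources (optional)
}

try {
    $events = @(Get-WinEvent -FilterHashtable $filter -MaxEvents 1000 -ErrorAction Stop)
}
catch {
    # Get-WinEvent reports "no match" as an error; treat it as an empty result.
    if ($_.FullyQualifiedErrorId -like 'NoMatchingEventsFound*') { $events = @() }
    else { throw }
}

# Group by Event ID (the scripted form of View, Group By), most frequent first.
$events | Group-Object Id | Sort-Object Count -Descending |
    Select-Object Count, @{ n = 'EventId'; e = { $_.Name } } |
    Format-Table -AutoSize

# Newest ten events with the columns from the "Event information" slide.
$events |
    Select-Object -Property TimeCreated, Id, ProviderName, TaskDisplayName, MachineName -First 10 |
    Format-Table -AutoSize
```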


Managing event logs

Default size
Events overwritten
Clear events
Save events
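The four log-management tasks above, done from PowerShell as an added example that is not part of the original slides. It assumes Windows Vista/7 or later with PowerShell 3.0 or later and an elevated session; `C:\LogArchive` is a hypothetical archive folder.

```powershell
# Added example, not from the slides. Run elevated.
$logs = 'Application', 'Security', 'System'

# Default size / Events overwritten: a LogMode of 'Circular' means the oldest
# events are overwritten once the file reaches MaximumSizeInBytes.
$report = foreach ($name in $logs) {
    $log = Get-WinEvent -ListLog $name
    [pscustomobject]@{
        Log       = $log.LogName
        MaxSizeMB = [math]::Round($log.MaximumSizeInBytes / 1MB, 1)
        UsedMB    = [math]::Round($log.FileSize / 1MB, 1)
        Records   = $log.RecordCount
        LogMode   = $log.LogMode
    }
}
$report | Format-Table -AutoSize

# Save events, then clear: export to .evtx first and clear only if that worked.
$archiveDir = 'C:\LogArchive'                      # hypothetical folder
New-Item -ItemType Directory -Path $archiveDir -Force | Out-Null
$stamp  = Get-Date -Format 'yyyyMMdd-HHmmss'
$target = Join-Path $archiveDir "Application-$stamp.evtx"

wevtutil.exe epl Application $target               # export-log
if ($LASTEXITCODE -ne 0 -or -not (Test-Path $target)) {
    throw 'Export failed; the log was not cleared.'
}
wevtutil.exe cl Application                        # clear-log
```

Clearing the Security log writes event 1102 to the Security log, so an unexpected 1102 is worth investigating.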

Activity A-10

Controlling the display of an event log

Topic B: System performance

Reliability Monitor

Track events that affect stability
– Software installs and uninstalls
– Application failures
– Hardware failures
– Windows failures
– Miscellaneous failures

Reliability Monitor in Vista

Two features to track system health

System Stability Chart
System Stability Report

Activity B-1

Determining a system’s Stability Index

Resource Overview

CPU
Hard disk
Network
Memory (RAM)

Resource Overview

Detailed view of CPU resource

Activity B-2

Viewing real-time performance data in Resource Overview

(optional Instructor demonstration on Windows Vista)

Performance Monitor

Known as System Monitor in XP
Monitor computer performance
– Real time
– One-second intervals
Save reports of data
Hundreds of counters available
– Create a baseline to compare system performance over time
– Monitor system resource use
– Locate performance problems
– Identify performance bottlenecks

Performance Monitor real-time graph

Performance objects
– Battery Status
– Cache
– Memory
– Network Interface
– Objects
– Paging File
– PhysicalDisk
– Process
– Processor
– System
– Thread

Bottlenecks

Processor: % Processor Time
– Monitors how hard your processor is working
Process: Thread Count
– Identifies memory leaks in applications
Memory: Pages/sec
– Points to page faults that cause system delays
PhysicalDisk: Disk Transfers/sec
– Identifies poor disk-response time
Network Interface
– Monitors network traffic
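The bottleneck counters above can be sampled from PowerShell and compared against a saved baseline, as this added example shows (it is not part of the original slides). It assumes PowerShell 3.0 or later and English counter names; the `Bytes Total/sec` counter, the 2x threshold and the baseline file location are choices made for the example.

```powershell
# Added example, not from the slides. Counter paths use the objects and counters
# named on the Bottlenecks slide; Bytes Total/sec is this example's choice for
# the Network Interface object.
$counters = @(
    '\Processor(_Total)\% Processor Time',
    '\Process(_Total)\Thread Count',
    '\Memory\Pages/sec',
    '\PhysicalDisk(_Total)\Disk Transfers/sec',
    '\Network Interface(*)\Bytes Total/sec'
)

# 30 samples at the one-second interval Performance Monitor uses.
$samples = Get-Counter -Counter $counters -SampleInterval 1 -MaxSamples 30

# Reduce the raw samples to one average/maximum row per counter instance.
$summary = $samples.CounterSamples | Group-Object Path | ForEach-Object {
    $m = $_.Group | Measure-Object -Property CookedValue -Average -Maximum
    [pscustomobject]@{ Counter = $_.Name; Average = $m.Average; Maximum = $m.Maximum }
}
$summary | Format-Table -AutoSize

$baselinePath = Join-Path $env:TEMP 'perf-baseline.xml'   # hypothetical location
if (-not (Test-Path $baselinePath)) {
    # First run: store the baseline (Clixml keeps the numbers typed).
    $summary | Export-Clixml -Path $baselinePath
}
else {
    # Later runs: flag counters averaging at least twice their baseline value.
    $baseline = Import-Clixml -Path $baselinePath
    foreach ($row in $summary) {
        $old = $baseline | Where-Object { $_.Counter -eq $row.Counter }
        if ($old -and $old.Average -gt 0 -and ($row.Average / $old.Average) -ge 2) {
            Write-Warning ('{0}: average {1:N1}, baseline {2:N1}' -f
                $row.Counter, $row.Average, $old.Average)
        }
    }
}
```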

Adding counters

Real-time monitoring

1. Select local or remote computer

2. Expand appropriate performance object

3. Select desired counter

4. Select appropriate instance of the counter

5. Click Add

6. When finished adding counters, click OK

Activity B-3

Monitoring performance with Performance Monitor

Performance Monitor configuration

Button Use to

Open saved log files and display them

Change graph display type

Add and delete counters

Highlight counter on graph

Display Properties

Pause and restart display

Update data

Performance Monitor tabs

General
Source
Data
Graph
Appearance

Activity B-4

Customizing Performance Monitor

Performance Logs and Alerts

Collect data
View data
Configure logs
Set up alerts
Options
– Counter Logs
– Trace Logs
– Alerts

Configuring Alerts

Log an entry in the application event log
Send a network message to
Start performance data log
Run this program
Command Line Arguments

Topic C: Backup and restore

Backups
Create automatic backups of your personal files
Restore files that you previously backed up
Create a Complete PC Backup
Archive selected files and folders
Restore the archived files and folders
Make a copy of your computer’s system state, which includes:
– Registry
– Boot files
– COM+ class registration database
– IIS metadirectory
– Windows File Protection system files
Copy your computer’s system partition, the boot partition, and the files needed to start up the system

Backup modes

Wizard mode — Walks you step-by-step through the process

Advanced mode — Provides complete control over file and folder selection

Scheduling automatic backups

Backup types in Windows XP

Copy
Daily
Differential
Incremental
Normal

Backup strategy

Grandfather-Father-Son basic strategy
– Back up Son
– Back up Father
– Back up Grandfather

Activity C-1

Scheduling a backup

Restoring files

Files can be restored to original or alternate locations

Restore all of the files and folders that were backed up or restore selected files from the backup

Activity C-2

Restoring files from backup

System Restore

Available in Windows XP, Windows Vista, and Windows 7

Creates snapshots of the system configuration
– System checkpoints
– Manual restore points
– Installation restore points

Used to restore computer to a previous configuration

Create a restore point before troubleshooting

Does not affect user data files

System Protection tab

Activity C-3

Creating a restore point

Restoring a system

Try Driver Rollback first
If that doesn’t work, use System Restore
All Programs, Accessories, System Tools, System Restore
Can choose desired restore point
Computer will reboot

Additional restore points

Affected programs and files

Activity C-4

Restoring a computer to a previous state

Unit summary

Monitored the operating system
Monitored system performance
Backed up and restored operating system files and data