The LOGMAN.EXE utility can be used to create and manage Event Trace Session and Performance logs. Many functions of Performance Monitor are supported and can be invoked using this command line utility. Before we look at some examples of how to configure Performance logs using this utility, let's quickly cover some of the syntax. Running LOGMAN /? from a command prompt brings up the first level of context sensitive help:
Basic Usage: LOGMAN [create | query | start | stop | delete | update | import | export] [options]. The verbs specified determine what actions are being performed:
| Verb Name | Description |
| CREATE | Create a new data collector |
| QUERY | Query data collector properties. All data collectors are listed if no specific name is provided |
| START | Start an existing data collector |
| STOP | Stop and existing data collector |
| DELETE | Delete an existing data collector |
| UPDATE | Update the properties of an existing data collector |
| IMPORT | Import a data collector set from an XML file |
| EXPORT | Export a data collector set to an XML file |
Running LOGMAN <verb> /? brings up context sensitive help for the verb specified. There are also some options to be aware of:
| Option | Description |
| -? | Display context sensitive help |
| -s <computer> | Perform the command on the specified remote system |
| -ets | Send the command directly to an Event Tracing Session without saving or scheduling |
So now that we have our basic commands, let's take a look at how we can use LOGMAN.EXE for one of our most common scenarios - capturing baseline Performance data for a system. We've discussed the importance of capturing baseline server performance data in several previous posts. In our example, we are going to capture a binary circular performance monitor log that has a maximum size of 500MB. The reason we are going to use a binary circular log is that we can record the data continuously to the same log file, overwriting previous records with new data once the log file reaches its maximum size. Since this will be a baseline performance log that will be constantly running, we want to ensure that we can capture a significant data sample, and not have the log file being overwritten in such a short timeframe that useful data is lost. Put another way, we want to set our capture interval up so that we do not overwrite our data too quickly. For the purposes of this example, we'll set up our log to capture data every two hours. We want to save our data to a log file, so we will need to specify a log file location. Given that we want to capture baseline data, there is a good possibility that we want to use the same settings on multiple servers so we'll need to ensure that we can repeat this process with a minimum of administrative fuss ...
So, to recap, we are going to capture our baseline performance log that is:
- a binary circular log that will be a maximum of 500MB in size
- configured with a capture interval of two hours
- saved to a file location
- configured with standard counters so that we can capture consistent baseline data across multiple servers if needed
The one piece of this equation that we have not specified is which counters we need to capture. One of the key reasons to use LOGMAN.EXE is that we can specify which counters we want to capture in a standard configuration file and then use that configuration across to configure our capture for multiple servers. Creating the configuration file is fairly simple - we are going to create a .CONFIG file that enumerates the counters that we want to capture, one per line. An example is shown below:
"\Memory\Available MBytes"
"\Memory\Pool Nonpaged Bytes"
"\Memory\Pool Paged Bytes"
"\PhysicalDisk(*)\Current Disk Queue Length"
"\PhysicalDisk(*)\Disk Reads/sec"
"\PhysicalDisk(*)\Disk Read Bytes/sec"
"\PhysicalDisk(*)\Disk Writes/sec"
"\PhysicalDisk(*)\Disk Write Bytes/sec"
"\Process(*)\% Processor Time"
"\Process(*)\Private Bytes"
"\Process(*)\Virtual Bytes"
These are some fairly standard Performance Counters. Let's save this file as Baseline.config on a folder on one of our file servers. Now we have all of the pieces that we need to configure and capture our baseline.
logman create counter BASELINE -f bincirc -max 500 -si 2 --v -o "e:\perflogs\SERVERBASELINE" –cf "\\<FILESERVER>\Baseline\Baseline.config"
- logman create counter BASELINE : This creates the BASELINE Data Collector on the local machine
- -f bincirc -max 500 -si 2 : This piece of the command specifies that we are creating a Binary Circular file, sets the Maximum Log file size to 500MB, sets the Capture Interval at 2 seconds
- --v -o "e:\perflogs\SERVERBASELINE" : In this part of the command, we turn off the versioning information, and set the Output Location and Filename. The Performance Monitor log will be created with a .BLG extension
- –cf \\<FILESERVER>\Baseline\Baseline.config : Finally, we point the LOGMAN utility to the location of our standard counter configuration file
Once we run this command, we can run LOGMAN.EXE and use the QUERY verb to ensure that our Data Collector has been created:
The last thing we need to do is start our Data Collector set. There are a couple of options here - the first is to run LOGMAN.EXE START BASELINE from the command line. This will launch the Data Collector. However, when we reboot our system, the Data Collector will not run. If you create a startup script to run the command above to start the Data Collector set, then you can capture your performance data from the time that the server starts.
Before we wrap up our post, here is another common scenario. You can create a Data Collector set on a full installation of Windows Server 2008 or Windows Vista. Then export that Data Collector Set configuration to an XML Template. You can then use the LOGMAN.EXE command with the IMPORT verb to import that Data Collector set configuration on a Windows Server 2008 Server Core system, then use the LOGMAN.EXE command with the START verb to start the Data Collector Set. The commands are below:
- LOGMAN IMPORT -n <Data Collector Set Name> -xml <XML template that you exported> : This will create the Data Collector Set named whatever name you choose when passing the -n parameter
- LOGMAN START <Data Collector Set Name> : Start the Data Collection process.
Finally, here are two more sample commands where we use LOGMAN.EXE for gathering Performance Monitor data for troubleshooting:
High CPU Issue
logman.exe create counter High-CPU-Perf-Log -f bincirc -v mmddhhmm -max 250 -c "\LogicalDisk(*)\*" "\Memory\*" "\Network Interface(*)\*" "\Paging File(*)\*" "\PhysicalDisk(*)\*" "\Process(*)\*" "\Redirector\*" "\Server\*" "\System\*" "\Thread(*)\*" -si 00:00:05
In this example, we have a capture interval of five seconds, with a Maximum Log size of 250MB. The Performance Counters that we are capturing are fairly generic.
Generic Performance Monitor Logging
logman.exe create counter Perf-Counter-Log -f bincirc -v mmddhhmm -max 250 -c "\LogicalDisk(*)\*" "\Memory\*" "\Network Interface(*)\*" "\Paging File(*)\*" "\PhysicalDisk(*)\*" "\Process(*)\*" "\Redirector\*" "\Server\*" "\System\*" -si 00:05:00
In this example, we are using a five minute capture interval - the rest of the parameters are fairly straightforward. Remember that in both of these cases, you will need to use LOGMAN.EXE with the START verb and specifying the name of the Data Collector Set to begin the capture. These samples work on all Windows Operating Systems from Windows XP onwards.
And with that, we come to the end of this Two Minute drill. Until next time ...
| Share this post : |
|
|
|
|
|
Microsoft
