The LOGMAN.EXE utility can be used to create and manage Event Trace Session and Performance logs. Many functions of Performance Monitor are supported and can be invoked using this command line utility. Before we look at some examples of how to configure Performance logs using this utility, let's quickly cover some of the syntax. Running LOGMAN /? from a command prompt brings up the first level of context sensitive help:
Basic Usage: LOGMAN [create | query | start | stop | delete | update | import | export] [options]. The verbs specified determine what actions are being performed:
|CREATE||Create a new data collector|
|QUERY||Query data collector properties. All data collectors are listed if no specific name is provided|
|START||Start an existing data collector|
|STOP||Stop and existing data collector|
|DELETE||Delete an existing data collector|
|UPDATE||Update the properties of an existing data collector|
|IMPORT||Import a data collector set from an XML file|
|EXPORT||Export a data collector set to an XML file|
Running LOGMAN <verb> /? brings up context sensitive help for the verb specified. There are also some options to be aware of:
|-?||Display context sensitive help|
|-s <computer>||Perform the command on the specified remote system|
|-ets||Send the command directly to an Event Tracing Session without saving or scheduling|
So now that we have our basic commands, let's take a look at how we can use LOGMAN.EXE for one of our most common scenarios - capturing baseline Performance data for a system. We've discussed the importance of capturing baseline server performance data in several previous posts. In our example, we are going to capture a binary circular performance monitor log that has a maximum size of 500MB. The reason we are going to use a binary circular log is that we can record the data continuously to the same log file, overwriting previous records with new data once the log file reaches its maximum size. Since this will be a baseline performance log that will be constantly running, we want to ensure that we can capture a significant data sample, and not have the log file being overwritten in such a short timeframe that useful data is lost. Put another way, we want to set our capture interval up so that we do not overwrite our data too quickly. For the purposes of this example, we'll set up our log to capture data every two hours. We want to save our data to a log file, so we will need to specify a log file location. Given that we want to capture baseline data, there is a good possibility that we want to use the same settings on multiple servers so we'll need to ensure that we can repeat this process with a minimum of administrative fuss ...
So, to recap, we are going to capture our baseline performance log that is:
The one piece of this equation that we have not specified is which counters we need to capture. One of the key reasons to use LOGMAN.EXE is that we can specify which counters we want to capture in a standard configuration file and then use that configuration across to configure our capture for multiple servers. Creating the configuration file is fairly simple - we are going to create a .CONFIG file that enumerates the counters that we want to capture, one per line. An example is shown below:
These are some fairly standard Performance Counters. Let's save this file as Baseline.config on a folder on one of our file servers. Now we have all of the pieces that we need to configure and capture our baseline.
logman create counter BASELINE -f bincirc -max 500 -si 2 --v -o "e:\perflogs\SERVERBASELINE" –cf "\\<FILESERVER>\Baseline\Baseline.config"
Once we run this command, we can run LOGMAN.EXE and use the QUERY verb to ensure that our Data Collector has been created:
The last thing we need to do is start our Data Collector set. There are a couple of options here - the first is to run LOGMAN.EXE START BASELINE from the command line. This will launch the Data Collector. However, when we reboot our system, the Data Collector will not run. If you create a startup script to run the command above to start the Data Collector set, then you can capture your performance data from the time that the server starts.
Before we wrap up our post, here is another common scenario. You can create a Data Collector set on a full installation of Windows Server 2008 or Windows Vista. Then export that Data Collector Set configuration to an XML Template. You can then use the LOGMAN.EXE command with the IMPORT verb to import that Data Collector set configuration on a Windows Server 2008 Server Core system, then use the LOGMAN.EXE command with the START verb to start the Data Collector Set. The commands are below:
Finally, here are two more sample commands where we use LOGMAN.EXE for gathering Performance Monitor data for troubleshooting:
High CPU Issue
logman.exe create counter High-CPU-Perf-Log -f bincirc -v mmddhhmm -max 250 -c "\LogicalDisk(*)\*" "\Memory\*" "\Network Interface(*)\*" "\Paging File(*)\*" "\PhysicalDisk(*)\*" "\Process(*)\*" "\Redirector\*" "\Server\*" "\System\*" "\Thread(*)\*" -si 00:00:05
In this example, we have a capture interval of five seconds, with a Maximum Log size of 250MB. The Performance Counters that we are capturing are fairly generic.
Generic Performance Monitor Logging
logman.exe create counter Perf-Counter-Log -f bincirc -v mmddhhmm -max 250 -c "\LogicalDisk(*)\*" "\Memory\*" "\Network Interface(*)\*" "\Paging File(*)\*" "\PhysicalDisk(*)\*" "\Process(*)\*" "\Redirector\*" "\Server\*" "\System\*" -si 00:05:00
In this example, we are using a five minute capture interval - the rest of the parameters are fairly straightforward. Remember that in both of these cases, you will need to use LOGMAN.EXE with the START verb and specifying the name of the Data Collector Set to begin the capture. These samples work on all Windows Operating Systems from Windows XP onwards.
And with that, we come to the end of this Two Minute drill. Until next time ...
|Share this post :|
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.