{"id":224,"date":"2016-02-24T10:34:04","date_gmt":"2016-02-24T10:34:04","guid":{"rendered":"http:\/\/blogs-new.it.ox.ac.uk\/dst\/?p=224"},"modified":"2021-03-30T07:58:47","modified_gmt":"2021-03-30T06:58:47","slug":"windows-peformance-logs","status":"publish","type":"post","link":"https:\/\/blogs-new.it.ox.ac.uk\/dst\/2016\/02\/24\/windows-peformance-logs\/","title":{"rendered":"Windows Performance Logs"},"content":{"rendered":"<p>One of the bits of work that we&#8217;ve been looking at is identifying useful information held within the Windows logs which we can utilise to help us see what is going on.<\/p>\n<p>An example of this is using the Windows Diagnostics Performance logs. These are buried pretty deep in the menus and are not the easiest to find. When you do find them you then see what seems like a huge number of alarming-looking entries classed as\u00a0either critical or errors. These are a bit misleading, as most of them do not refer to things that are not working. That is different from, say, the standard System log &#8211; if you had a screen full of them in there then you would know you&#8217;re in serious trouble.<\/p>\n<p>If we filter this log on just Event ID 100 we get all errors associated with delays at boot, ID 101 gives us applications which are taking longer than usual to start up and ID 102 gives us any drivers that took too long to initialise.\u00a0 These are all measured against built-in thresholds within the Windows source code and understanding all of the details is rather complex. However, it does give us a baseline to pull information back from machines and compare them. 
An example of one of the ID 100 errors on my machine is below:<\/p>\n<p>&nbsp;<\/p>\n<p><a href=\"http:\/\/blogs-new.it.ox.ac.uk\/dst\/files\/2016\/02\/diag_log_event_id_100_sample.png\"><img loading=\"lazy\" decoding=\"async\" class=\"aligncenter size-full wp-image-226\" alt=\"diag_log_event_id_100_sample\" src=\"http:\/\/blogs-new.it.ox.ac.uk\/dst\/files\/2016\/02\/diag_log_event_id_100_sample.png\" width=\"671\" height=\"481\" srcset=\"https:\/\/blogs-new.it.ox.ac.uk\/dst\/files\/2016\/02\/diag_log_event_id_100_sample.png 671w, https:\/\/blogs-new.it.ox.ac.uk\/dst\/files\/2016\/02\/diag_log_event_id_100_sample-300x215.png 300w\" sizes=\"auto, (max-width: 671px) 100vw, 671px\" \/><\/a><\/p>\n<p>We will start gathering these entries from a sample of machines where we know we&#8217;ve had specific performance-related issues occurring. We&#8217;ll do this remotely on machines, with a script which will pull these locally into an Excel spreadsheet before emailing them back to us so we can collate the data. 
The majority of this is being done through PowerShell, with the line below an example of filtering and capturing the ID 100 logs as above.<\/p>\n<p><a href=\"http:\/\/blogs-new.it.ox.ac.uk\/dst\/files\/2016\/02\/ps_script_sample.png\"><img loading=\"lazy\" decoding=\"async\" class=\"size-full wp-image-225 alignleft\" alt=\"ps_script_sample\" src=\"http:\/\/blogs-new.it.ox.ac.uk\/dst\/files\/2016\/02\/ps_script_sample.png\" width=\"827\" height=\"19\" srcset=\"https:\/\/blogs-new.it.ox.ac.uk\/dst\/files\/2016\/02\/ps_script_sample.png 827w, https:\/\/blogs-new.it.ox.ac.uk\/dst\/files\/2016\/02\/ps_script_sample-300x6.png 300w\" sizes=\"auto, (max-width: 827px) 100vw, 827px\" \/><\/a><\/p>\n<p>Once we&#8217;ve done this we&#8217;ll be going through everything to find any common entries and also comparing it with our benchmarking.<\/p>\n<p>&nbsp;<\/p>\n<p>&nbsp;<\/p>\n","protected":false},"excerpt":{"rendered":"<p>One of the bits of work that we&#8217;ve been looking at is identifying useful information held within the Windows logs which we can utilise to help us see what is going on. 
An example of this is using the &hellip; <a href=\"https:\/\/blogs-new.it.ox.ac.uk\/dst\/2016\/02\/24\/windows-peformance-logs\/\">Continue reading <span class=\"meta-nav\">&rarr;<\/span><\/a><\/p>\n","protected":false},"author":306,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[42051],"tags":[],"class_list":["post-224","post","type-post","status-publish","format-standard","hentry","category-slow-pcs"],"_links":{"self":[{"href":"https:\/\/blogs-new.it.ox.ac.uk\/dst\/wp-json\/wp\/v2\/posts\/224","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/blogs-new.it.ox.ac.uk\/dst\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/blogs-new.it.ox.ac.uk\/dst\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/blogs-new.it.ox.ac.uk\/dst\/wp-json\/wp\/v2\/users\/306"}],"replies":[{"embeddable":true,"href":"https:\/\/blogs-new.it.ox.ac.uk\/dst\/wp-json\/wp\/v2\/comments?post=224"}],"version-history":[{"count":5,"href":"https:\/\/blogs-new.it.ox.ac.uk\/dst\/wp-json\/wp\/v2\/posts\/224\/revisions"}],"predecessor-version":[{"id":231,"href":"https:\/\/blogs-new.it.ox.ac.uk\/dst\/wp-json\/wp\/v2\/posts\/224\/revisions\/231"}],"wp:attachment":[{"href":"https:\/\/blogs-new.it.ox.ac.uk\/dst\/wp-json\/wp\/v2\/media?parent=224"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/blogs-new.it.ox.ac.uk\/dst\/wp-json\/wp\/v2\/categories?post=224"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/blogs-new.it.ox.ac.uk\/dst\/wp-json\/wp\/v2\/tags?post=224"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}