Chap 11
This document was uploaded by user and they confirmed that they have the permission to share it. If you are author or own the copyright of this book, please report to us by using this DMCA report form. Report DMCA
Overview
Download & View Chap 11 as PDF for free.
More details
- Words: 1,589
- Pages: 50
Hands-On Microsoft Windows Server 2003
Chapter 11 Server and Network Monitoring
Objectives • Understand the importance of server monitoring • Monitor Server services • Use Task Manager to monitor processes and performance • Use System Monitor to monitor all types of system elements 2
Objectives • Configure performance logs and alerts to monitor a system • Use Network Monitor to monitor network performance • Use the SNMP Service for network monitoring and management
3
Introduction to Server Monitoring • Benefits of monitoring – Prevent problems before they occur – Diagnose existing problems
• Establish benchmarks in order to compare the data obtained from monitoring with a performance baseline – Disk, CPU, memory, and network response baselines before a release – Slow, typical, and heavy use of server and network resources 4
Monitoring Server Services
5
6
Accessing Server Services • Open the Computer Management tool • Services window contains five columns – Name – Description – Status • Started, Paused, or blank
– Startup Type • Automatic (most services), manual, or disabled
– Log On As • Services usually log on to the Local System 7
8
Solving a Problem with a Service • The Services tool can monitor problems in a service • Check the service status to verify that it is started or set to start automatically • Restart the service if necessary • Be careful about using the Stop option – Check the Dependencies tab of a service to see if other services will be affected if this service is stopped
• Pause the service to take it offline for use only by Administrators or Server Operators 9
10
Using Task Manager • Used to monitor and manage server resources – Applications – Processes – Real-time performance – Network performance – Users
11
Monitoring Applications • Applications tab shows all applications running from the server console • Button options: – End Task, Switch To, New Task
• Status bar displays process information • Shortcut menu options: – Switch To, Bring To Front, Minimize, Maximize, End Task, Go to Process 12
13
Monitoring Processes • Processes tab lists the processes in use by all running applications • A process can be stopped with the End Process button • A process’s priority can be modified with the Set Priority option
14
Setting Priorities • The base priority class is the priority set internally by an application • The server administrator can change the priority – – – – – –
Normal (0) Low (-2) BelowNormal (-1) AboveNormal (+1) High (+2) Realtime (+15) • Use with caution because the process may take over the server 15
16
Monitoring Real-time Performance • The Performance tab shows CPU and memory performance information – CPU usage – Page file use – Handles • Resource used by a program that has its own identification
– Threads • Blocks of code executing within a running process 17
18
19
Monitoring Network Performance • The Networking tab enables the monitoring of network performance on all of the NICs installed in the server – Displays total network utilization – Monitors network performance across each NIC adapter – Used to determine if there is a problem with a NIC – Can also serve as a warning of high network utilization (80% to 100%) 20
21
Monitoring Users • The Users tab provides a listing of the users currently logged on – Log off a user using the Logoff button • Any open files are closed before log off
– Disconnect a user if the user’s connection is hung
22
Using System Monitor
23
Capturing System Data • System Monitor can be used to monitor components such as hard disks, memory, processors, disk caching, started processes, and page files • Monitors a System Monitor object • For each object, there are one or more counters that can be monitored – Counters have status information
• Instances can be associated with a counter when there are different elements of the same object type to monitor 24
25
26
System Monitor Views • Graph – Running line chart of the object – Line with a unique color represents each object
• Histogram – Running bar chart that shows each object as a bar in a different color – Counters are shown at the bottom of the screen with a key to indicate a graphing color
• Report – Provides numbers on a screen that can be exported into a report 27
28
Monitoring System Components • Four objects are often monitored with their associated counters – Processor • % Processor Time indicates whether the server is heavily loaded, or in need of a reduced load or increased capabilities • % Interrupt Time can indicate a possible hardware problem • Interrupts/sec can alert the administrator of excessive network traffic • Processor Queue Length can indicate a need to distribute the processor load
– Memory – Physical disk – Network interface 29
30
Diskperf • Diskperf is a command-line tool that monitors the hard disk counters
31
Configuring Performance Logs and Alerts • The Performance Logs and Alerts tool is accessed from the Administrative tools menu • Performance logs track performance data over a given period of data – Counter logs trace information on System Monitor objects by taking a snapshot at specified intervals – Trace logs monitor particular events and contain only those instances when the events occur
• Alerts are used to warn specific accounts or groups of problems when they occur 32
Creating Counter Logs • Click the Counter Logs option under Performance Logs and Alerts • Name the new log and add counters • Counter logs can occupy disk space and slow system performance – If monitoring for four hours or less, use 15-second intervals – If monitoring for more than four hours, increase the interval and adjust the log file size
• The log can be stopped and restarted manually • Additional objects and counters can be added 33
34
35
Creating Trace Logs • Documents each instance of a particular event over a specific period • Helpful in finding intermittent problems – Excessive load on a server or network – Page fault monitoring
• More limited elements to monitor than in a counter log 36
37
Creating Alerts • Create an alert through the Alerts option under Performance Logs and Alerts • Enter a name for the alert under New Alert Settings • Select the object, counter, and instance – Select _Total as the instance to monitor all processes
• Can send a message to an Administrator group when a problem occurs – For example, when CPU is at 100% utilization 38
Using Network Monitor • Regularly monitoring a network is vital because network conditions can change frequently • Network Monitor is used to create trace logs of network activity and capture frames and packets – Installed with Add/Remove Programs tool
• Network Monitor Driver enables a server or workstation’s NIC to collect statistics about network performance – Installed with Network Connections 39
Capturing Network Data • Percentage of network utilization • Statistics captured during a given time period, NIC statistics, and network station statistics – Addresses of network stations
• Frames and bytes per second • Information concerning transmissions – Transmissions per second – Broadcast, unicast, and multicast transmissions
• Error data 40
41
42
Configuring Network Monitor • Event management is configured by setting up filters to capture a certain event • Two property types for filters: – Service Access Point (SAP) specifies the network process that should accept a frame at the destination – ETYPE is a two-byte code for the protocol type, but is not part of the Ethernet standard – One or both properties can be monitored
• Set network benchmarks for monitoring load – % Network Utilization – Frames, Broadcast, and Multicasts per second 43
44
Using the SNMP Service • Used for network management on TCP/IP-based networks • Consists of management systems and agents that can be grouped into communities for administrative and security purposes – The community shares the use of the service – A community name is used to provide a rudimentary password used among the hosts
• SNMP traffic can be monitored using Network Monitor 45
Configuring the SNMP Service • Configure the SMNP Service and the SNMP Trap Service for use with Network Monitor • Add community names through host name or IP/IPX address • Configure the Traps tab – Designates the destination of trap messages, which are sent based on certain events 46
47
Summary • Use system and network monitoring to thoroughly understand the servers on your network and the network’s typical performance • The Computer Management tool enables you to monitor system services to determine if they are experiencing problems – Restart a service – Check dependencies
48
Summary • Use Task Manager to monitor applications, processes, system performance, network performance, and logged on users – Stop a problem application or process – Log off a hung user connection
• System Monitor is a powerful tool that enables you to monitor all types of system and network activities – Customizes display and saves information to a file 49
Summary • Performance logs enable you to gather System Monitor data at specific times or intervals and record information • Network Monitor is used to gather information about network performance and is installed with the Network Monitor driver • The SNMP Service enables network agents to gather network performance data for use by network management software – Manages and configures specific network devices 50
Chapter 11 Server and Network Monitoring
Objectives • Understand the importance of server monitoring • Monitor Server services • Use Task Manager to monitor processes and performance • Use System Monitor to monitor all types of system elements 2
Objectives • Configure performance logs and alerts to monitor a system • Use Network Monitor to monitor network performance • Use the SNMP Service for network monitoring and management
3
Introduction to Server Monitoring • Benefits of monitoring – Prevent problems before they occur – Diagnose existing problems
• Establish benchmarks in order to compare the data obtained from monitoring with a performance baseline – Disk, CPU, memory, and network response baselines before a release – Slow, typical, and heavy use of server and network resources 4
Monitoring Server Services
5
6
Accessing Server Services • Open the Computer Management tool • Services window contains five columns – Name – Description – Status • Started, Paused, or blank
– Startup Type • Automatic (most services), manual, or disabled
– Log On As • Services usually log on to the Local System 7
8
Solving a Problem with a Service • The Services tool can monitor problems in a service • Check the service status to verify that it is started or set to start automatically • Restart the service if necessary • Be careful about using the Stop option – Check the Dependencies tab of a service to see if other services will be affected if this service is stopped
• Pause the service to take it offline for use only by Administrators or Server Operators 9
10
Using Task Manager • Used to monitor and manage server resources – Applications – Processes – Real-time performance – Network performance – Users
11
Monitoring Applications • Applications tab shows all applications running from the server console • Button options: – End Task, Switch To, New Task
• Status bar displays process information • Shortcut menu options: – Switch To, Bring To Front, Minimize, Maximize, End Task, Go to Process 12
13
Monitoring Processes • Processes tab lists the processes in use by all running applications • A process can be stopped with the End Process button • A process’s priority can be modified with the Set Priority option
14
Setting Priorities • The base priority class is the priority set internally by an application • The server administrator can change the priority – – – – – –
Normal (0) Low (-2) BelowNormal (-1) AboveNormal (+1) High (+2) Realtime (+15) • Use with caution because the process may take over the server 15
16
Monitoring Real-time Performance • The Performance tab shows CPU and memory performance information – CPU usage – Page file use – Handles • Resource used by a program that has its own identification
– Threads • Blocks of code executing within a running process 17
18
19
Monitoring Network Performance • The Networking tab enables the monitoring of network performance on all of the NICs installed in the server – Displays total network utilization – Monitors network performance across each NIC adapter – Used to determine if there is a problem with a NIC – Can also serve as a warning of high network utilization (80% to 100%) 20
21
Monitoring Users • The Users tab provides a listing of the users currently logged on – Log off a user using the Logoff button • Any open files are closed before log off
– Disconnect a user if the user’s connection is hung
22
Using System Monitor
23
Capturing System Data • System Monitor can be used to monitor components such as hard disks, memory, processors, disk caching, started processes, and page files • Monitors a System Monitor object • For each object, there are one or more counters that can be monitored – Counters have status information
• Instances can be associated with a counter when there are different elements of the same object type to monitor 24
25
26
System Monitor Views • Graph – Running line chart of the object – Line with a unique color represents each object
• Histogram – Running bar chart that shows each object as a bar in a different color – Counters are shown at the bottom of the screen with a key to indicate a graphing color
• Report – Provides numbers on a screen that can be exported into a report 27
28
Monitoring System Components • Four objects are often monitored with their associated counters – Processor • % Processor Time indicates whether the server is heavily loaded, or in need of a reduced load or increased capabilities • % Interrupt Time can indicate a possible hardware problem • Interrupts/sec can alert the administrator of excessive network traffic • Processor Queue Length can indicate a need to distribute the processor load
– Memory – Physical disk – Network interface 29
30
Diskperf • Diskperf is a command-line tool that monitors the hard disk counters
31
Configuring Performance Logs and Alerts • The Performance Logs and Alerts tool is accessed from the Administrative tools menu • Performance logs track performance data over a given period of data – Counter logs trace information on System Monitor objects by taking a snapshot at specified intervals – Trace logs monitor particular events and contain only those instances when the events occur
• Alerts are used to warn specific accounts or groups of problems when they occur 32
Creating Counter Logs • Click the Counter Logs option under Performance Logs and Alerts • Name the new log and add counters • Counter logs can occupy disk space and slow system performance – If monitoring for four hours or less, use 15-second intervals – If monitoring for more than four hours, increase the interval and adjust the log file size
• The log can be stopped and restarted manually • Additional objects and counters can be added 33
34
35
Creating Trace Logs • Documents each instance of a particular event over a specific period • Helpful in finding intermittent problems – Excessive load on a server or network – Page fault monitoring
• More limited elements to monitor than in a counter log 36
37
Creating Alerts • Create an alert through the Alerts option under Performance Logs and Alerts • Enter a name for the alert under New Alert Settings • Select the object, counter, and instance – Select _Total as the instance to monitor all processes
• Can send a message to an Administrator group when a problem occurs – For example, when CPU is at 100% utilization 38
Using Network Monitor • Regularly monitoring a network is vital because network conditions can change frequently • Network Monitor is used to create trace logs of network activity and capture frames and packets – Installed with Add/Remove Programs tool
• Network Monitor Driver enables a server or workstation’s NIC to collect statistics about network performance – Installed with Network Connections 39
Capturing Network Data • Percentage of network utilization • Statistics captured during a given time period, NIC statistics, and network station statistics – Addresses of network stations
• Frames and bytes per second • Information concerning transmissions – Transmissions per second – Broadcast, unicast, and multicast transmissions
• Error data 40
41
42
Configuring Network Monitor • Event management is configured by setting up filters to capture a certain event • Two property types for filters: – Service Access Point (SAP) specifies the network process that should accept a frame at the destination – ETYPE is a two-byte code for the protocol type, but is not part of the Ethernet standard – One or both properties can be monitored
• Set network benchmarks for monitoring load – % Network Utilization – Frames, Broadcast, and Multicasts per second 43
44
Using the SNMP Service • Used for network management on TCP/IP-based networks • Consists of management systems and agents that can be grouped into communities for administrative and security purposes – The community shares the use of the service – A community name is used to provide a rudimentary password used among the hosts
• SNMP traffic can be monitored using Network Monitor 45
Configuring the SNMP Service • Configure the SMNP Service and the SNMP Trap Service for use with Network Monitor • Add community names through host name or IP/IPX address • Configure the Traps tab – Designates the destination of trap messages, which are sent based on certain events 46
47
Summary • Use system and network monitoring to thoroughly understand the servers on your network and the network’s typical performance • The Computer Management tool enables you to monitor system services to determine if they are experiencing problems – Restart a service – Check dependencies
48
Summary • Use Task Manager to monitor applications, processes, system performance, network performance, and logged on users – Stop a problem application or process – Log off a hung user connection
• System Monitor is a powerful tool that enables you to monitor all types of system and network activities – Customizes display and saves information to a file 49
Summary • Performance logs enable you to gather System Monitor data at specific times or intervals and record information • Network Monitor is used to gather information about network performance and is installed with the Network Monitor driver • The SNMP Service enables network agents to gather network performance data for use by network management software – Manages and configures specific network devices 50
