Using the Windows Event Viewer and Task Scheduler Chapter 5
Using Windows Vista Event Viewer Use the Event Viewer to find application and system warnings, errors, and informational events. Four types of objects –Windows logs –Applications and service logs –Views –Subscriptions
Events and Logs Events are records of something that occurred on the computer Contains detail such as –Event ID, description, level of severity, source component, etc. Event logs store events in corresponding logs –Logs built on XML –Make it easy to find specific events Logs broken into categories: –Windows logs, which includes: Application log, Security, Setup, System, Forwarded events –Application and Service logs, which includes: Admin, Operational, Analytic, Debug Create custom views to find events from multiple logs
Event Forwarding with Subscriptions Event forwarding allows you to send events from multiple machines to a single machine’s log (the collector) Event subscriptions are which events to look for and send All computers involved must be configured to send or receive events
Event Viewer
Using the Task Scheduler Task Scheduler schedules and runs tasks –Replaced Task Scheduler Tasks can be configure to run as another user and with certain elevated privs Can run tasks on a schedule or use triggers –Trigger is an event that will cause the task’s actions to begin –Trigger can have conditions set, so that conditions must be true in order for the trigger to fire –Idle conditions, network conditions, and power conditions are available as well
Task Details Task settings available on the Settings tab such as: –Allow task to be run on demand, if task fails restart every, if the task is already running then the following rule applies, etc Each task has a detailed history of each step taken to complete the task –This is very helpful when troubleshooting a task related issue Manage tasks with the MMC snap-in SCHTASKS.EXE You can create folders to manage tasks, just like file folders Create Basic Task Wizard will step you through setup but Create Task presents all of the advanced options
Task Details (continued) Importing and exporting tasks is possible using command line tools –Export a task by copying the results of this command into an XML file: SCHTASKS /QUERY.XML –Import a task by right-clicking the folder you want the task in and select Import Task and provide the XML file –Import from the command line using SCHTASKS /CREATE /XML
Running and Administering Tasks To run a task on demand without its trigger, right-click the tas and select Run –To stop, right-click and select End –Use SCHTASKS with /RUN and /END at the command line Disabled tasks will never run View currently running tasks using the Actions pane link “Display All Running Tasks”
Troubleshooting Task Scheduler When a task is not running, check that: –The trigger is configured properly, the task is enabled, the trigger is enabled, conditions are met, no restrictions to a specific user, it doesn’t need elevated privs When isn’t sending from a task as expected, verify the configuration and that the SMTP server is available When an unexpected result occurs, check the log for permissions problems and all steps are being performed