Windows Vista Inside Out Chapter 22 - Monitoring System Activities with Event Viewer Last modified 10-22-07 11 am.

Slides:



Advertisements
Similar presentations
This course is designed for system managers/administrators to better understand the SAAZ Desktop and Server Management components Students will learn.
Advertisements

Configuring Windows Vista Security Lesson 8. Skills Matrix Technology SkillObjective DomainObjective # Setting Up Users Configure and troubleshoot parental.
Optimizing Windows Vista Performance Lesson 10. Skills Matrix Technology SkillObjective DomainObjective # Introducing ReadyBoostTroubleshoot performance.
Troubleshooting Windows. Failure to boot Is it hardware (OS not found)? Hard drive failure Is the system powered on? Is the power supply OK? Is the system.
14.1 © 2004 Pearson Education, Inc. Exam Planning, Implementing, and Maintaining a Microsoft Windows Server 2003 Active Directory Infrastructure.
11 INSTALLING WINDOWS XP Chapter 2. Chapter 2: Installing Windows XP2 INSTALLING WINDOWS XP  Prepare a computer for the installation of Microsoft Windows.
70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 11: Monitoring Server Performance.
11.1 © 2004 Pearson Education, Inc. Exam Planning, Implementing, and Maintaining a Microsoft Windows Server 2003 Active Directory Infrastructure.
Chapter 11 - Monitoring Server Performance1 Ch. 11 – Monitoring Server Performance MIS 431 – created Spring 2006.
70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 12: Managing and Implementing Backups and Disaster Recovery.
Chapter 16 Chapter 16: Troubleshooting. Chapter 16 Learning Objectives n Develop your own problem-solving strategy n Use the Event Viewer to locate and.
Week:#14 Windows Recovery
COMPREHENSIVE Windows Tutorial 10 Improving Your Computer’s Performance.
Maintaining and Updating Windows Server 2008
Check Disk. Disk Defragmenter Using Disk Defragmenter Effectively Run Disk Defragmenter when the computer will receive the least usage. Educate users.
Using the Windows Event Viewer and Task Scheduler Chapter 5.
McGraw-Hill/Irwin© 2006 The McGraw-Hill Companies, Inc. All rights reserved. 5-1.
Event Viewer Was of getting to event viewer Go to –Start –Control Panel, –Administrative Tools –Event Viewer Go to –Start.
Windows Server 2008 Chapter 6 Last Update
Windows Tutorial 9 Maintaining Hardware and Software
Guide to MCSE , Enhanced 1 Activity 10-1: Restarting Windows Server 2003 Objective: to restart Windows Server 2003 Start  Shut Down  Restart Configure.
Working with Drivers and Printers Lesson 6. Skills Matrix Technology SkillObjective DomainObjective # Understanding Drivers and Devices Install and configure.
1 Chapter Overview Monitoring Server Performance Monitoring Shared Resources Microsoft Windows 2000 Auditing.
Ch 11 Managing System Reliability and Availability 1.
Chapter 17: Watching Your System BAI617. Chapter Topics Working With Event Viewer Performance Monitor Resource Monitor.
Administering Windows 7 Lesson 11. Objectives Troubleshoot Windows 7 Use remote access technologies Troubleshoot installation and startup issues Understand.
®® Microsoft Windows 7 for Power Users Tutorial 8 Troubleshooting Windows 7.
Hands-On Microsoft Windows Server 2008
Windows XP Professional Windows XP Professional Overview Install and Upgrade Windows XP Pro Customize and Manage Windows XP Pro Troubleshoot Common Windows.
© 2012 The McGraw-Hill Companies, Inc. All rights reserved. 1 Third Edition Chapter 6 Today’s Windows Windows Vista and Windows 7 McGraw-Hill.
© 2006 Cisco Systems, Inc. All rights reserved.Cisco Public ITE PC v4.0 Chapter 5 1 Control Panel Applets.
Tutorial 11 Installing, Updating, and Configuring Software
Using Windows Firewall and Windows Defender
Ch 8. The Control Panel Window –Category View The Control Panel Window –Small icons View.
Microsoft ® Official Course Module 10 Optimizing and Maintaining Windows ® 8 Client Computers.
Chapter Fourteen Windows XP Professional Fault Tolerance.
A+ Guide to Managing and Maintaining Your PC Fifth Edition Chapter 14 Managing and Troubleshooting Windows 2000.
70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment, Enhanced Chapter 12: Managing and Implementing Backups and Disaster Recovery.
© 2012 The McGraw-Hill Companies, Inc. All rights reserved. 1 Third Edition Chapter 5 Windows XP Professional McGraw-Hill.
A+ Guide to Software Managing, Maintaining and Troubleshooting THIRD EDITION Chapter 6 Managing and Troubleshooting Windows 2000.
Hands-On Microsoft Windows Server 2008 Chapter 12 Managing System Reliability and Availability.
University of Management & Technology 1 Operating Systems & Utility Programs.
Managing and Monitoring Windows 7 Performance Lesson 8.
Ch 6. Performance Rating Windows 7 adjusts itself to match the ability of the hardware –Aero Theme v. Windows Basic –Gaming features –TV recording –Video.
Module 7: Fundamentals of Administering Windows Server 2008.
Gorman, Stubbs, & CEP Inc. 1 Introduction to Operating Systems Lesson 4 Microsoft Windows XP.
70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment, Enhanced Chapter 11: Monitoring Server Performance.
CMPF124 Personal Productivity with Information Technology Chapter 1 – Part 4 Introduction To Windows Operating Systems Basic Windows Admin Introduction.
Troubleshooting Windows Vista Lesson 11. Skills Matrix Technology SkillObjective DomainObjective # Troubleshooting Installation and Startup Issues Troubleshoot.
Chapter 33 Troubleshooting Windows Errors. STOP Errors  When Microsoft Windows XP encounters a serious problem  And the operating system can't continue.
70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment, Enhanced Chapter 11: Monitoring Server Performance.
Chapter 10 Chapter 10: Managing the Distributed File System, Disk Quotas, and Software Installation.
Troubleshooting Security Issues Lesson 6. Skills Matrix Technology SkillObjective Domain SkillDomain # Monitoring and Troubleshooting with Event Viewer.
11 INSTALLING AND MANAGING HARDWARE Chapter 6. Chapter 6: Installing and Managing Hardware2 INSTALLING AND MANAGING HARDWARE  Install hardware in a Microsoft.
PC Maintenance: Preparing for A+ Certification Chapter 28: Working with Applications.
IT1001 – Personal Computer Hardware & system Operations Week7- Introduction to backup & restore tools Introduction to user account with access rights.
Optimizing Windows Vista Performance Lesson 10. Skills Matrix Technology SkillObjective DomainObjective # Introducing ReadyBoostTroubleshoot performance.
CSC190 Introduction to Computing Operating Systems and Utility Programs.
© 2012 The McGraw-Hill Companies, Inc. All rights reserved. 1 Third Edition Chapter 6 Today’s Windows Windows Vista and Windows 7 McGraw-Hill.
Windows Vista Inside Out Ch 3: Personalizing Windows Vista Last modified am.
Hands-On Microsoft Windows Server 2008 Chapter 5 Configuring Windows Server 2008 Printing.
Troubleshooting Windows Vista Lesson 11. Skills Matrix Technology SkillObjective DomainObjective # Troubleshooting Installation and Startup Issues Troubleshoot.
Maintaining and Updating Windows Server 2008 Lesson 8.
Fixing Windows 10 Automatic Updates Install Problem
Windows Vista Configuration MCTS : Maintenance and Optimization.
SQL Database Management
Chapter Objectives In this chapter, you will learn:
CONFIGURING HARDWARE DEVICE & START UP PROCESS
Chapter 23 – Recovering From an Computer Crash
Bethesda Cybersecurity Club
Presentation transcript:

Windows Vista Inside Out Chapter 22 - Monitoring System Activities with Event Viewer Last modified am

Editions  Event  Event Viewer works exactly the same way in all Windows Vista editions

Event Log Service   Records noteworthy occurrences in these log files Application Security Setup System Forwarded Events

Event Viewer  In Computer Management  EVENTVWR from an elevated Command Prompt

New Features New Features   View events from multiple logs simultaneously   Create and save filtered selections as custom views   Create a task to run automatically when a particular event occurs   Create a subscription to specified events on other networked computers

Types of Events   Application Generated by programs, selected by the developer   Security Logon attempts Attempts to use secured resources, such as an attempt to create, modify, or delete a file

Types of Events   Setup Application installation   System Generated by Windows itself For example, a driver fails to load when you start Windows   Forwarded Events Events gathered from other computers

Types of Events   Applications And Services Logs for individual applications

Analytic And Debug Logs   View, Show Analytic And Debug Logs   Rarely used

Auditing Security Events   In Windows Vista Business, Enterprise, and Ultimate editions An administrator can choose events to record With Audit Policies (Local Policies\Audit Policy) in the Local Security Policy console (Secpol.msc) The monitored objects must be specified in the Auditing tab in Advanced Security Settings

Event Levels   Error Possible loss of data or functionality Such as a malfunctioning network adapter   Warning Less significant then errors Such as a nearly full disk   Information Other events Such as someone using a printer

Event Logs Summary  Click Event Viewer in the left pane  For details, click an Event Type, then click "View all instances" in right pane

Viewing Individual Logs and Events   Level Information, Warning, or Error   Date And Time   Source The application or system component that generated the event   Event ID A very important number to define the event   Task Category May give further information about the event

Event Details  Double-click an event  Link at the bottom gives you Microsoft's Web info  Eventid.net gives you much better information

Creating a Task to Run When a Specific Event Occurs  Connects Task Scheduler to Events

Monitoring Other Computers’ Events with Subscriptions  One Vista computer can gather events from several other Vista computers  You have to create special user accounts on the target machines, and open a firewall exception on each machine

Working with Log Files  By default, logs have a limited size, and eventually overwrite old events  Adjust this behavior in a log's Properties

Windows Vista Inside Out Chapter 23 - Troubleshooting Windows Errors

Editions  These troubleshooting techniques  These troubleshooting techniques work exactly the same way in all Windows Vista editions

Configuring and Using Windows Error Reporting  Windows Error Reporting's new features Can automatically transmit information about errors to Microsoft Can automatically transmit information about errors to Microsoft To help them improve WindowsTo help them improve Windows Can notify Can notify you automatically when an error occurs for which a solution is available Maintains a history of errors on your system

Application Recovery and Restart  New functions for developers to use in applications   Responds to a crash by restarting and reopening the document you were working on   Implemented in Microsoft Office 2007

Privacy Concerns  Some of the information sent to Microsoft could contain personal information

Windows Error Reporting   Windows Error Reporting gathers the basic information Sends it to Microsoft if you have approved that   The Microsoft server tries to find a solution   The application restarts, if it can

Setting Windows Error Reporting Options   Control Panel   System And Maintenance   Problem Reports And Solutions   Choose How To Check For Solutions

Advanced Advanced Error Reporting Options  Advanced Settings

Reviewing the Problem History   Control Panel   System And Maintenance   Problem Reports And Solutions   View Problem History

Checking for Solutions   Control Panel   System And Maintenance   Problem Reports And   Solutions   Check For New Solutions

Reliability Monitor   Logo, REL

Rolling Back to a Stable State with System Restore  System Restore is helpful when You install a program that conflicts with other software or drivers on your system You install a driver that causes performance or stability problems Your system develops performance or stability problems for no apparent reason

System Restore and Viruses  System Restore doesn't remove infections  Use antivirus software for that  After cleaning a virus, delete your System Restore points to prevent re-infection

Using System Restore   Logo, SYS

System Restore Do’s and Don’ts   Newly created user accounts may vanish   System Restore does not uninstall programs, although it does remove executable files and DLLs Uninstalling recently installed applications before the restore is best   Changes made to your system configuration using the Windows Recovery Environment are not monitored by System Protection (System Restore)

System Restore and Safe Mode   You can restore your system to a previous configuration from Safe Mode   BUT you cannot create a new restore point in Safe Mode   Therefore, you cannot undo a restore operation that you perform in Safe Mode   Avoid restoring in Safe Mode

Dealing with Stop Errors   Blue Screen of Death (BSOD)   Image from link Ch 23a

How Windows Handles Stop Errors   Displays a STOP error (BSOD)   Writes debugging information to the page file When the system restarts, this information is saved as a crash dump file   By default, the system restarts

Customizing STOP Error Behavior  Start  Right-click Computer, Properties  Advanced System Settings  Advanced tab  In "Startup and Recovery" section, click Settings

How to Read a Stop Error   Symbolic error name At the top – here it is BUGCODE_USB_DRIVER   Troubleshooting recommendations   Error number and parameters After the word STOP

Advice for Dealing with Stop Errors   Look for a driver name   Don’t rule out hardware problems   Check your memory Logo, MEM for Memory Diagnostics   Ask yourself, “What’s new?”   Search the Knowledge Base

Advice for Dealing with Stop Errors   Check your system BIOS for updates   Are you low on system resources? Check RAM and disk space   Try starting in Safe Mode If that works, it's probably a driver problem   Try an alternative driver Even one made for a different hardware model in the same family