Windows monitoring Unit objectives: Monitor the operating system Monitor system performance Backup and restore operating system files and data

Topic A Topic A: System monitoring Topic B: System performance Topic C: Backup and restore

Windows Diagnostics Start, All Programs (or Programs), Accessories, System Tools menu msinfo32 Collects and displays information about configuration of specified computer System Information window –Hardware Resources –Components –Software Environment –Internet Settings (not in Windows 7 or Vista)

System Information window

Remote computer information 1.Choose View, Remote Computer 2.Enter the name of the computer –Remote computer — WMI installed –Need appropriate privileges on remote computer

Activity A-1 Running Windows Diagnostics

Command-line system information path\msinfo32 Full path required for command-line functionality Windows 7 and Vista parameters and switches –/nfo Path –/report Path –/computer ComputerName continued

Command-line information, continued Windows XP/2000 parameters and switches –/pch –/report:filename.ext –/computer:computername –/category:categoryname –/categories:categorylist –/showcategories –/?

Activity A-2 Running msinfo32 from a command line

DirectX Diagnostic dxdiag.exe Windows Vista — View status of DirectX installation Windows XP/2000 — Test and troubleshoot video- or sound-related hardware problems Check for drivers’ digital signatures

DirectX Diagnostic Tool

DirectX Diagnostic pages System DirectX Files — Windows XP/2000 Display Sound Music — Windows XP/2000 Input Network — Windows XP/2000 More Help — Windows XP/2000

Activity A-3 Running the DirectX Diagnostic tool

Task Manager Provides information on applications, processes, and services running on computer Tabs –Applications –Processes –Performance –Networking — Windows 7/Vista/XP –Users — Windows 7/Vista/XP –Services — Windows 7/Vista

Windows Task Manager

The Applications tab End a running application –GPFs have occurred and applications don’t respond to keyboard or mouse input Switch to another application –The app is running in the background or doesn’t have a taskbar button displayed Start a new instance of an application –Explorer.exe process has stopped and you have lost your Start menu, taskbar, and desktop items

Activity A-4 Monitoring applications

The Processes tab Use to determine if a running process is overwhelming the processor and slowing down the system If a process has a high percentage of CPU usage that doesn’t return to normal, you might have to end the process Also use to end an application that won’t end when you try to do so on the Applications tab

Activity A-5 Ending a process

The Services tab Linked to the Processes tab Highlights a service’s associated process Shows processes from all users Also works in reverse: shows services associated with a process

Activity A-6 Monitoring services

The Networking tab Use to view computer’s network bandwidth Displays a combination of the network traffic for all NICs Can compare traffic on each NIC Can customize data columns displayed

Activity A-7 Monitoring network utilization

The Users tab Use to: –Monitor users logged on to the computer –Disconnect users –Send users messages Data columns: –User –ID –Status –Client Name –Session

Activity A-8 Monitoring users

Computer Management Monitor system events Create and manage shared resources Determine which users are connected to monitored system Start and stop services Set properties for storage devices View device configurations Add or change device drivers Manage applications and services

Event Viewer Use to monitor events Determine cause of problems with –Application –Component of operating system –Suspected security breach

Event Viewer

Event Viewer categories Application Security System Setup (Windows 7/Vista) Forwarded Events (Windows 7/Vista)

Event information Level (7/Vista); Type (XP/2000) Date Time Source Task Category (7/Vista); Category (XP/2000) Event ID (7/Vista); Event (XP/2000) User Computer

Event types Error Warning Information Success Audit (Security Log only) Failure Audit (Security Log only)

Event Properties

Activity A-9 Viewing the event logs

Sorting events Default — Events are listed from the newest to the oldest, by date and time Can change the sort order –Click any column heading –One click = ascending order –Second click = descending order To return to default view, choose View, Newest First continued

Sorting events, continued

Grouping events Group events by column heading Choose View, Group By, and choose a column heading To return to default view, choose View, Remove grouping of events continued

Grouping events, continued

Filtering events Filtering displays only certain events Filter criteria: –Logged –Level (in Windows 7/Vista) –Event sources or Source –Event ID –Task category –Keywords –User –Computer continued

Filtering events, continued

Managing event logs Default size Events overwritten Clear events Save events

Activity A-10 Controlling the display of an event log

Topic B Topic A: System monitoring Topic B: System performance Topic C: Backup and restore

Reliability Monitor Track events that affect stability –Software installs and uninstalls –Application failures –Hardware failures –Windows failures –Miscellaneous failures

Reliability Monitor in Vista

Two features to track system health System Stability Chart System Stability Report

Activity B-1 Determining a system’s Stability Index

Resource Overview CPU Hard disk Network Memory (RAM)

Resource Overview

Detailed view of CPU resource

Activity B-2 Viewing real-time performance data in Resource Overview (optional Instructor demonstration on Windows Vista)

Performance Monitor Known as System Monitor in XP Monitor computer performance –Real time –One-second intervals Save reports of data Hundreds of counters available –Create a baseline to compare system performance over time –Monitor system resource use –Locate performance problems –Identify performance bottlenecks

Performance Monitor real-time graph

Performance objects Battery Status Cache Memory Network Interface Objects Paging File PhysicalDisk Process Processor System Thread

Bottlenecks Processor: % Processor Time –Monitors how hard your processor is working Process: Thread Count –Identifies memory leaks in applications Memory: Pages/sec –Points to page faults that cause system delays PhysicalDisk: Disk Transfers/sec –Identifies poor disk-response time Network Interface –Monitors network traffic

Adding counters

Real-time monitoring 1.Select local or remote computer 2.Expand appropriate performance object 3.Select desired counter 4.Select appropriate instance of the counter 5.Click Add 6.When finished adding counters, click OK

Activity B-3 Monitoring performance with Performance Monitor

Performance Monitor configuration ButtonUse to Open saved log files and display them Change graph display type Add and delete counters Highlight counter on graph Display Properties Pause and restart display Update data

Performance Monitor tabs General Source Data Graph Appearance

Activity B-4 Customizing Performance Monitor

Performance Logs and Alerts Collect data View data Configure logs Set up alerts Options –Counter Logs –Trace Logs –Alerts

Configuring Alerts Log an entry in the application event log Send a network message to Start performance data log Run this program Command Line Arguments

Topic C Topic A: System monitoring Topic B: System performance Topic C: Backup and restore

Backups Create automatic backups of your personal files Restore files that you previously backed up Create a Complete PC Backup Archive selected files and folders Restore the archived files and folders Make a copy of your computer’s system state, which includes: –Registry –Boot files –COM+ class registration database –IIS metadirectory –Windows File Protection system files Copy your computer’s system partition, the boot partition, and the files needed to start up the system

Backup modes Wizard mode — Walks you step-by- step through the process Advanced mode — Provides complete control over file and folder selection

Scheduling automatic backups

Backup types in Windows XP Copy Daily Differential Incremental Normal

Backup strategy Grandfather-Father-Son basic strategy –Back up Son –Back up Father –Back up Grandfather

Activity C-1 Scheduling a backup

Restoring files Files can be restored to original or alternate locations Restore all of the files and folders that were backed up or restore selected files from the backup

Activity C-2 Restoring files from backup

System Restore Available in Windows XP and Windows Vista, and Windows 7 Creates snapshots of the system configuration –System checkpoints –Manual restore points –Installation restore points Used to restore computer to a previous configuration Create a restore point before troubleshooting Does not affect user data files

System Protection tab

Activity C-3 Creating a restore point

Restoring a system Try Driver Rollback first If that doesn’t work, use System Restore All Programs, Accessories, System Tools, System Restore Can choose desired restore point Computer will reboot

Additional restore points

Affected programs and files

Activity C-4 Restoring a computer to a previous state

Unit summary Monitored the operating system Monitored system performance Backed up and restored operating system files and data