Computer Performance, Windows 2003, Exchange 2003, Logon Scripts

3CX Phone System for Windows - VOIP IP PBX

3CX Phone System for Windows -
VOIP IP PBX

Get your 5 free applications now

Application Publishing with 2X ApplicationServer

Windows Server 2003 Performance Monitor - Alerts

Guy RecommendsGFi Events Manager

A solution to monitor, manage and archive thousands of events that are generated by devices across the entire network. 
Download FREE trial

OpusFlow Exchange
Group Calendar

OpusFlow Exchange Group Calender

Introduction to Performance Monitor - Alerts

This page will show you how to design Performance Monitor Alerts for Windows 2003 Servers.  An alert is like a guard that rings an alarm bell when an interesting event occurs.  Alerts are a great way of gaining information on intermittent events.

If you take the time to design Alerts, then you will be rewarded with advance knowledge of problems.  As you research the triggers and actions, so you will learn more about how a healthy operating system functions.

Keep an eye out for similarities and differences between Logs and Alerts.  For example, Alerts show up in the Application Event Log where as log counters are displayed in the Monitor.  Surprisingly, Alerts can be scheduled just in the way that you schedule Logs.

Performance Alert Topics

Setting the Alerts

Our goal is to set an performance monitor alert when the processor reaches 70%.  The method and screen shots are taken from Windows Server 2003, however the principles are valid for earlier Microsoft operating systems.

  1. Our first step is to launch the Performance Monitor.  Perhaps you have added Performance Monitor to your MMC?  Or else you can type perfmon in the run box. (See Getting Started if you are stuck

  2. Once Performance Monitor opens, make sure that you click Alerts in the left pane, if necessary expand the Performance Logs and Alerts, see Diagram 1.

  3. Now go to the right pane and right click with the mouse, now select: New Alert Settings.  When the filename box appears, give your alert a meaningful name e.g. Processor.   Diagram 1 Alerts - getting started

  4. Click on the Add button, choose the default object Processor % Processor time.  So far the procedure is similar to setting a System Monitor trace, but now comes the crucial difference.  Find the Limit box and enter 70.  Observe that the adjacent box is set to 'Over', and now click Close, then OK; see Diagram 2.

  5. The Alerts have an extra Action tab, check the default setting is, "Log an event in the application event log".  Later we will visit the Event Viewer and find the Alerts.

  6. The Alert settings are color coded, red means off, while green means sampling in progress.  I control the alert by selecting Start or Stop from the short cut menu.

  7. Unless the processor is under stress, you are unlikely to get any Alerts.  Test machines will not reach the 70 limit without a little help.  So, open a program like Word, the initial execution should fire the alert.  If you still do not get any Alerts, reduce the Limit to 30 and then try again.   As a last resort, change the alert from Over 70 to Under 70.

  8. Needless to say, if the Alert is red then it is stopped and to start it right click and select start.  Now the Alert will be green.

 

Viewing your Alerts

  1. Open the Event Viewer and examine the Application log. (Not System Log)

  2. Seek out SysmonLog entries.  Double click the event to check what has happened, see Diagram 3.

  3. Once the alert has served its purpose, go back to Performance Monitor, right click the green icon and select Stop.

  4. If you make good use of Alerts the log file will soon fill up, so increase the size of the Application Log to 4000 kb.

  5. Another tip is to filter the log so that you just see SysmonLog events.

Summary for Alerts

Monitoring Alerts is particularly for intermittent problems with Windows Server 2003.  Set an alter to trigger when the counter reaches a suitable threshold.  Knowing what values to set is a mystery at first, but if you persevere then you will soon see what worked and what values need adjusting.

At first you wonder where the successful alerts are to be found, but you soon realize the answer: launching the Event Viewer and examining the Application Log.

Alerts Limit

Diagram 2 (above)

Alert Event Viewer

Diagram 3

More help for detecting bottlenecks

 
 


Download your eBook: The Art and Science of Performance Monitoring  for only $5.25

Performance MonitorLearn the secrets of which counters to monitor.  Master performance monitor logging, develop your skills with structured exercises and examples.   Print out a copy to read, while you design logs and alerts to detect network bottlenecks.

 *

Google

Webcomputerperformance.co.uk

GFi Events Manager

Guy Recommends: GFi EventsManager

Here is a solution to monitor, manage and archive thousands of events that are generated by devices across your entire network.  Get your free evaluation copy of GFI EventsManager.

 

Home Copyright © 1999-2008 Computer Performance LTD All rights reserved

Please report a broken link, or an error.