Chapter 3 MONITORING MICROSOFT WINDOWS SERVER 2003 potx
Bạn đang xem bản rút gọn của tài liệu. Xem và tải ngay bản đầy đủ của tài liệu tại đây (589.67 KB, 40 trang )
1
MONITORING
MICROSOFT
WINDOWS
SERVER 2003
Chapter 3
Chapter 3: MONITORING MICROSOFT WINDOWS SERVER 2003 2
CHAPTER OVERVIEW
•
Use Event Viewer to monitor system logs.
•
Configure Task Manager to display performance
data.
•
Use System Monitor to display real-time
performance data.
•
Create counter logs and alerts.
Chapter 3: MONITORING MICROSOFT WINDOWS SERVER 2003 3
SERVER MONITORING PRACTICES
Real-time monitoring
•
Uses tools that display a continuous stream of
statistics about what the system is doing right now
Logged monitoring
•
Enables administrators to observe trends that
develop over longer periods of time than those
observed in a typical real-time monitoring session
Chapter 3: MONITORING MICROSOFT WINDOWS SERVER 2003 4
BASIC MONITORING SUBSYSTEMS
•
Processor
•
Disk
•
Memory
•
Network
Chapter 3: MONITORING MICROSOFT WINDOWS SERVER 2003 5
ESTABLISH A BASELINE
WHAT IS A BASELINE?
WHAT IS THE PURPOSE?
Chapter 3: MONITORING MICROSOFT WINDOWS SERVER 2003 6
USING EVENT VIEWER TO MONITOR
ERROR
Chapter 3: MONITORING MICROSOFT WINDOWS SERVER 2003 7
EVENT VIEWER LOGS
Application
•
Information about specific programs running on the
computer
System
•
Events generated by components such as services
and device drivers
Security
•
Security-related events such as failed logons and
attempts to access resources
Chapter 3: MONITORING MICROSOFT WINDOWS SERVER 2003 8
UNDERSTANDING EVENT TYPES
E
E
v
v
e
e
n
n
t
t
T
T
y
y
p
p
e
e
I
I
c
c
o
o
n
n
D
D
e
e
s
s
c
c
r
r
i
i
p
p
t
t
i
i
o
o
n
n
Error A significant problem, such as loss of data
or loss of functionality
Warning An event that might not be significant but
might indicate a future problem
Information An event that describes the successful
operation of an application, driver, or
service
Success
Audit
An audited security access attempt that
succeeds
Failure Audit An audited security access attempt that
fails
Chapter 3: MONITORING MICROSOFT WINDOWS SERVER 2003 9
VIEWING EVENTS
Chapter 3: MONITORING MICROSOFT WINDOWS SERVER 2003 10
EVENT LOG RETENTION SETTINGS
Chapter 3: MONITORING MICROSOFT WINDOWS SERVER 2003 11
USING FILTERS
Chapter 3: MONITORING MICROSOFT WINDOWS SERVER 2003 12
FINDING SPECIFIC EVENTS
Chapter 3: MONITORING MICROSOFT WINDOWS SERVER 2003 13
ACCESSING REMOTE EVENT LOGS
•
Allows you to view event logs on another system.
•
Select Connect To Another Computer from the
Action menu.
Chapter 3: MONITORING MICROSOFT WINDOWS SERVER 2003 14
ARCHIVING EVENT LOGS
•
Might be required in certain environments.
•
Reduces space used by log files.
•
Save as .evt files in order to view in Event Viewer.
•
Save as .txt or .csv (commas separated values)
files to import into other applications.
Chapter 3: MONITORING MICROSOFT WINDOWS SERVER 2003 15
USING TASK MANAGER
•
Real-time monitoring tool
•
Displays information on:
•
Processor and memory performance
•
Applications and processes
•
Network utilization
•
Users connected to the system
Chapter 3: MONITORING MICROSOFT WINDOWS SERVER 2003 16
WORKING WITH APPLICATIONS
Chapter 3: MONITORING MICROSOFT WINDOWS SERVER 2003 17
MONITORING PROCESSES
Chapter 3: MONITORING MICROSOFT WINDOWS SERVER 2003 18
MONITORING PERFORMANCE LEVELS
Chapter 3: MONITORING MICROSOFT WINDOWS SERVER 2003 19
MONITORING NETWORK ACTIVITY
Chapter 3: MONITORING MICROSOFT WINDOWS SERVER 2003 20
MONITORING USERS
Chapter 3: MONITORING MICROSOFT WINDOWS SERVER 2003 21
USING THE PERFORMANCE CONSOLE
System Monitor
•
Displays real-time performance data collected from
performance counters
Performance Logs and Alerts
•
Records data from performance counters over a
period of time and executes specific actions when
counters reach a certain value
Chapter 3: MONITORING MICROSOFT WINDOWS SERVER 2003 22
USING SYSTEM MONITOR
Chapter 3: MONITORING MICROSOFT WINDOWS SERVER 2003 23
MODIFYING THE GRAPH VIEW
Chapter 3: MONITORING MICROSOFT WINDOWS SERVER 2003 24
HISTOGRAM VIEW
Chapter 3: MONITORING MICROSOFT WINDOWS SERVER 2003 25
REPORT VIEW
