20 Windows Tools
Every SysAdmin Should Know
1. Task Manager – CPU and memory usage
Everyone that deals with Windows in a
system administrator capacity has to know
about Task Manager. The nice thing is it
keeps getting better with each new version
of Windows.
The screenshots below show Task Manager
from Windows 2008 R2. To make sure you
see everything, click the button (a check
box in older versions) in the lower left
corner.
The Processes tab is probably the most useful. Here you can see the
list of running processes, how much memory and CPU each process is
using, the user account the process is running under and more.
In addition, you can click View -> Select Columns… to show even
more information, such as the Session ID a process is in, the full path
to the executable, how much virtual memory the process has
allocated, and more. One-stop system administrator goodness.
But wait, there's more!
The Performance tab gives some nice
charts of CPU utilization. You can also see
total memory, kernel memory, etc.
A low amount of Free memory is not a bad
thing — it often means Windows is using
your RAM to cache parts of the hard disk,
thus speeding up many operations. If the
RAM is needed, the caches will give it back.
One of the best kept secrets, the Resource
Monitor, is also accessible from here.
2. Resource monitor – high level disk I/O tracking
Have you ever been using a computer or server and noticed it get really
sluggish? Sometimes you can hear the disk thrashing and know that
some process is busier than you want it to be.
If you're lucky, you can
check Task Manager and sort
by CPU to see which process
is using a lot of CPU. But in
many cases, the offending
process is doing very little
with CPU because it's so
busy thrashing the disk.
Resource Monitor lets you
find the culprit.
Start the Resource Monitor and click the Disk tab. Expand the
"Processes with Disk Activity" drop down. Sort the list by the "Total
(B/sec)" column to quickly see which process is so busy.
To further understand what is happening, you can expand the "Disk
Activity" drop down and sort that list by "Total (B/sec)".
Looking at the file names will sometimes give a hint about whether the
process is doing a backup, writing to a log file, or some other activity.
3. Performance Monitor (aka Perfmon)
Performance Monitor is a real gem on Windows, and many IT folks
would benefit by becoming more comfortable with it. The operating
system publishes many useful stats here (active database connections,
active HTTP connections, CPU usage, time per disk read, network
usage, process memory, etc.)
In addition, other application
providers can also include
stats, and most (all?) of
Microsoft's major apps do,
like IIS, MS SQL Server and
Exchange.
When you first start perfmon.exe or perfmon.msc (they're the same),
it's not much to look at. Make sure to click the "Performance Monitor"
node, and then the green plus symbol to add counters to watch.
There are soooo many
counters that can be
monitored that this article
can't even begin to cover
them all. One thing that will
help though – when you're
looking at the list of
counters, check the "Show
description" box at the
bottom left corner – this will
help you understand what
the selected counter does.
Also note that Perfmon can connect to other computers on your
network and display their counter values.
(Side note, there is a
compiled list of typical
counters to monitor for
Microsoft Exchange at:
http://www.poweradmin.com/help/latestSMHelp.aspx?page=howto_monitor_exchange.aspx )
4. Services
The Services applet
(services.msc — it's the gear
looking thingy in
Administrator Tools) is
where you can control the
service processes that are
running on Windows. Of
particular interest to IT
admins is the service's start
up type (usually automatic
or manual) and the Log On
As account.
'Recovery' is a cool under-used
feature. Right click a service and
go to Properties. Here you can tell
Windows what it should do if the
service stops unexpectedly
(crashes). Restarting the service
is often a good option.
5. Event Log Viewer – system logs, errors and events
The Windows Event Log Viewer shows a wealth of information about
problems that might be happening on a server, including hardware
errors, server restarts and more.
The Application and System
logs are typically where you'll
find what you're looking for,
but there are more logs than
that on modern Windows. If
you have a blue screen, a
server hang, or an
application misbehaving, look
in the Event Log first.
6. PsExec – start apps on remote computers
PsExec is not an app that comes with Windows, but it's a free utility
from Microsoft (originally from Sysinternals) that lets you start apps on
a remote computer.
In the simple example above,
PsExec was started locally, to
run ipconfig on a remote
computer ('archive') to find
out what gateway it is using.
PsExec can be very handy in
many situations. If you need
a redistributable PsExec, take
a look at PAExec.
7. Process Monitor - low level file I/O & registry spying
Another beauty from Microsoft (Sysinternals) is Process Monitor. From
the web page: "Process Monitor is an advanced monitoring tool for
Windows that shows real-time file system, Registry and process/thread
activity."
The power is in the filtering –
you can have it show you
only registry access to a
particular key, or file I/O
operations taking place in a
specific folder, or from a
specific program. It's a great
help when something ought
to work but doesn't because
you can (for example) see
where a file or registry read
is failing.
8. Task Scheduler
Unix has its cron, and Windows has Task Scheduler. (Well, Windows
also has 'at', but that's another story). Task Scheduler can be found in
Administrator Tools, or started via taskschd.msc. From the screenshot,
you can see that various companies (Google and Adobe for example)
will create scheduled tasks so
their applications are launched
periodically for some
background processing.
Windows itself has many tasks
it uses. And of course, you can
easily create your own. One
simple example is to compress
and/or move log files. Or run a
periodic database cleanup
script. Or to check for updates.
Or ….
9. Netstat – view network connections
Being familiar with netstat signals you're no mere hobbyist, but a
serious IT professional. Netstat shows the status of current network
connections – run it without any command line arguments and that's
what you'll see.
To see connections along with
the process that created them,
run netstat -b. To see current
connections as well as ports
that are listening for incoming
connections, run netstat -ab as
shown to the right:
Note that the process involved
with the port is shown below
the port information. So
mysqld is listening on port
3306, not 3389.
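The detail that the owning process is printed below its port line matters as soon as netstat -ab output is read by a script rather than by eye. The Python parser below is an added example, not part of the original slides; the sample output, the function names and the expected-listener baseline are constructed for illustration.

```python
import re
from dataclasses import dataclass
from typing import Dict, List, Optional, Set, Tuple

# Constructed sample of `netstat -ab` output (not captured from a real host).
SAMPLE_NETSTAT = """\
Active Connections

  Proto  Local Address          Foreign Address        State
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING
  RpcSs
 [svchost.exe]
  TCP    0.0.0.0:445            0.0.0.0:0              LISTENING
 Can not obtain ownership information
  TCP    0.0.0.0:3306           0.0.0.0:0              LISTENING
 [mysqld.exe]
  TCP    0.0.0.0:3389           0.0.0.0:0              LISTENING
  TermService
 [svchost.exe]
  TCP    192.0.2.20:49712       192.0.2.37:445         ESTABLISHED
 Can not obtain ownership information
  TCP    [::]:3389              [::]:0                 LISTENING
  TermService
 [svchost.exe]
  UDP    0.0.0.0:500            *:*
  IKEEXT
 [svchost.exe]
"""

# A socket line starts with the protocol; UDP lines have no State column.
CONN = re.compile(r"^\s*(TCP|UDP)\s+(\S+)\s+(\S+)(?:\s+(\S+))?\s*$")
# The owning executable is printed in brackets on a line of its own.
OWNER = re.compile(r"^\s*\[(.+)\]\s*$")


@dataclass
class Socket:
    proto: str
    local: str
    remote: str
    state: str                      # "" for UDP
    process: Optional[str] = None   # from the "[name.exe]" line
    service: Optional[str] = None   # hosted service name, when printed

    @property
    def port(self) -> int:
        # rsplit copes with IPv6 locals such as "[::]:3389"
        return int(self.local.rsplit(":", 1)[1])


def parse_netstat_ab(text: str) -> List[Socket]:
    """Attach each owner/service line to the socket line ABOVE it."""
    sockets: List[Socket] = []
    current: Optional[Socket] = None
    for line in text.splitlines():
        m = CONN.match(line)
        if m:
            current = Socket(m.group(1), m.group(2), m.group(3), m.group(4) or "")
            sockets.append(current)
            continue
        if current is None or not line.strip():
            continue                # banner, column header, blank lines
        owner = OWNER.match(line)
        if owner:
            current.process = owner.group(1)
        elif "ownership information" in line:
            current.process = None  # netstat could not resolve the owner
        else:
            current.service = line.strip()
    return sockets


def listeners(sockets: List[Socket]) -> Dict[int, Set[str]]:
    """Map each listening TCP port to the processes that own it."""
    result: Dict[int, Set[str]] = {}
    for s in sockets:
        if s.proto == "TCP" and s.state == "LISTENING":
            result.setdefault(s.port, set()).add(s.process or "<unknown>")
    return result


def unexpected_listeners(sockets: List[Socket],
                         expected: Dict[int, Set[str]]) -> List[Tuple[int, str]]:
    """Return (port, process) pairs that are not in the expected baseline."""
    findings = []
    for port, owners in sorted(listeners(sockets).items()):
        for owner in sorted(owners - expected.get(port, set())):
            findings.append((port, owner))
    return findings


# Constructed baseline for this sample host.
EXPECTED = {135: {"svchost.exe"}, 3306: {"mysqld.exe"}, 3389: {"svchost.exe"}}

if __name__ == "__main__":
    for port, owner in unexpected_listeners(parse_netstat_ab(SAMPLE_NETSTAT), EXPECTED):
        print(f"unexpected listener: port {port} owned by {owner}")
```

On a live system the input would be the saved output of netstat -ab run from an elevated prompt, since owner information is not shown otherwise.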
10. Wireshark – view network packets
If you ever need to see network packets entering and leaving a
computer, look no further than Wireshark. This is a fantastic piece of
free software that will capture every packet, and even better, break
each one down into its appropriate protocol headers and content. Below
I've clicked a packet for an HTTP 302
redirect message coming in from a
web server.
The documentation is great, and
once you get the hang of it, you
can spy on all of the applications
on your computer, see what
servers they are talking to, and
what information is being sent and
received.
11. RegEdit – configure all the things!
Anyone that's been in IT for long surely must have taken a peek at their
registry. This is where most of the configuration data for most apps and
most of the operating system still lives, even in 2013.
One handy feature is you can
export and import branches of the
registry. BUT, do NOT do this if
you’re not absolutely sure
what you’re doing. This can
REALLY screw up your machine.
Also note, I've not seen it
documented, but you can export
files that are bigger than what the
importer will read in (IIRC, the
importer will only read the first
64KB or so of a registry file).
12. Server Monitoring
If you have more than one or two servers to keep track of, automate
the monitoring of those servers so you don't have to sit and babysit
them. There are many good products on the market, all of which will
monitor for low disk space, high CPU usage, event log errors, crashed
services and more. We're partial to PA Server Monitor, but GFI and
SolarWinds also make nice products.
If you like low-level control with
scripts and config files to spelunk
through, Nagios is a very popular
(and free) open source product
that is very well respected. Open
Source Server Monitor List tries to
collect all of the big names in open
source monitoring.
13. Password Management
If you're in IT, it's very likely you have the keys to the kingdom, so to
speak. Please, oh please, don't store your passwords in a text file or
Excel spreadsheet.
And do make them long, with non-alphanumeric characters thrown
in. This will help keep your systems
safe. But then you have passwords
that you can't remember. So you
need a password manager. KeePass
and LastPass are two excellent open
source solutions you should consider.
14. Ping and tracert – simple connectivity test
Ping is a quick test to check and
see if:
• A connection to the target IP
address is possible
• How fast the connection is (in
milliseconds)
• How stable the connection is
(i.e. were packets dropped)
Simply run: ping.exe google.com
A bit more interesting is tracert (trace route). This uses a bunch of
ping packets to detect each computer between you and the target
server, and lists how long each hop is. This can help diagnose where a
network link is down, or if there is possibly a routing problem.
Here you can see the route packets take from an example PC to
google.com:
There are some neat visual trace
route tools on the Internet that
display the different network hops
on a map. A quick Google search
will show you a list of them.
Be sure to run both of the
commands above with -? to see the
various command line options
that are also useful.
15. Net.exe and SC.exe
Need to stop a service but don't want to launch services.msc, wait for
the service list to load, find the service, and press the stop button?
Net.exe to the rescue!
Services have a short "service name" and a more descriptive "display
name." Either can be used with the net.exe command. If using the
display name (which usually contains spaces), enclose it in quotes. In
the example below I've stopped and started the Windows Update
service.
Another handy command is the
sc.exe (Service Control) command
– it lets you install, remove, and
query services. Just run "sc.exe
query" to get a quick list of all the
services on the computer and the
current status.
16. Notepad++ – for viewing large log files
Opening a 100MB log file in Notepad is a pain. WordPad is slightly
quicker, but it can't open files that are currently being written to (as
many log files are). Notepad++ handles large files with ease.
One great feature is the "Find All
in Current Document". In this
contrived example, we're looking
for all requests in an IIS log file
that came from 192.168.7.37.
Piece of cake – they're all shown
together. You can also mark
matching lines, etc. And did I
mention it can open huge files
without breaking a sweat? Huge
fan here!
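A plain text search for an address also matches lines where it appears in a query string or in a line that was cut off mid-write. The Python example below is added here and is not from the original slides: it reads the IIS W3C "#Fields:" header and filters on the c-ip column only. The sample log and the function names are constructed.

```python
from collections import Counter
from typing import Dict, Iterable, Iterator, List

# Constructed IIS W3C extended log sample (not taken from a real server).
# The second "#Fields:" header models IIS writing a new header after a
# restart or a logging change, with a different set of columns.
# The last line is truncated, as happens when a log is still being written.
SAMPLE_LOG = """\
#Software: Microsoft Internet Information Services 7.5
#Version: 1.0
#Date: 2013-05-14 08:01:12
#Fields: date time s-ip cs-method cs-uri-stem cs-uri-query s-port cs-username c-ip cs(User-Agent) sc-status sc-substatus sc-win32-status time-taken
2013-05-14 08:01:12 192.168.7.10 GET /default.aspx - 80 - 192.168.7.37 Mozilla/5.0 200 0 0 15
2013-05-14 08:01:13 192.168.7.10 GET /report.aspx host=192.168.7.37 80 - 192.168.7.52 Mozilla/5.0 200 0 0 31
2013-05-14 08:01:15 192.168.7.10 POST /login.aspx - 80 - 192.168.7.37 Mozilla/5.0 302 0 0 4
#Fields: date time c-ip cs-method cs-uri-stem sc-status
2013-05-14 09:30:02 192.168.7.37 GET /default.aspx 200
2013-05-14 09:30:05 192.168.7.52 GET /default.aspx 200
2013-05-14 09:30:07 192.168.7.37 GET
"""


def requests_from(lines: Iterable[str], client_ip: str) -> Iterator[Dict[str, str]]:
    """Yield log entries whose c-ip field equals client_ip exactly.

    Works on any iterable of lines, so an open file handle can be passed
    and a large log is streamed instead of loaded into memory.
    """
    fields: List[str] = []
    for raw in lines:
        line = raw.rstrip("\r\n")
        if line.startswith("#Fields:"):
            # Column layout for every entry until the next header.
            fields = line[len("#Fields:"):].split()
            continue
        if not line or line.startswith("#"):
            continue                      # other directives and blank lines
        values = line.split()
        if len(values) != len(fields):
            continue                      # truncated or malformed entry
        row = dict(zip(fields, values))
        if row.get("c-ip") == client_ip:
            yield row


def naive_matches(lines: Iterable[str], needle: str) -> int:
    """Count entries a plain substring search would report."""
    return sum(1 for l in lines if needle in l and not l.startswith("#"))


def hits_by_path(rows: Iterable[Dict[str, str]]) -> Counter:
    """Summarise matched requests per URL path."""
    return Counter(r["cs-uri-stem"] for r in rows)


if __name__ == "__main__":
    ip = "192.168.7.37"
    log_lines = SAMPLE_LOG.splitlines()
    rows = list(requests_from(log_lines, ip))
    print(f"text search: {naive_matches(log_lines, ip)} lines, c-ip match: {len(rows)}")
    for path, count in hits_by_path(rows).most_common():
        print(f"{count:4d}  {path}")
```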
17. Remote Desktop
Remote Desktop apps are life savers when you need to look at a server
and don't want to walk into the server room. Windows Remote
Desktop app (aka RDP) is great.
There are RDP clients for Linux, OSX and even the iPhone (and
probably more than that). You might have known that you can
copy/paste text, URLs, etc. from the remote desktop to your
workstation and vice versa.
But did you know you can also copy/paste files as a simple form of
remote file copy? Very useful.
18. Speedfan – server temperature display
There aren't many good ways to see a server's internal hardware
temperatures, even though most motherboards have built-in
temperature probes. SpeedFan is a great utility that can read those
probes and display them in a simple user interface. If you want to
access those temperatures from across the
network, use Power Admin's free SpeedFan
HTTP Agent app.
Please note: There are a few reports of
server blue screens with SpeedFan,
particularly on Dell hardware, so try it out
on a staging server before putting it on the
production server.
Which leads us to…
19. Blue screen crash analysis
If you've got a server crashing, there is a cool service by OSR where
you can upload the crash dump file and their system will do a quick
automated review of the crash dump and give you a starting point for
the cause of the crash (hopefully even showing the offending driver
that was involved).
How do you use their service?
Configure Windows to create a crash
dump of course!
Go to Start and right-click on My
Computer and choose Properties.
From there, choose the "Advanced
System Settings" link. This will lead
you to the System Properties dialog
in the next slide:
The Settings button will show this dialog…
Choose the memory dump type (which controls
how much data is dumped). Depending how
much RAM you have, a Kernel memory dump
may be too large for the free OSR service. So
you may need to choose the Small Memory
dump option.
You can also see where the dump file will be
written, which in this case is
C:\Windows\MEMORY.DMP. Often this will
already be configured and the MEMORY.DMP file
is out there waiting for you. NOTE: When
choosing a Kernel memory dump, you specify the
file to save to. When choosing a Small Memory
dump, you specify the folder where the dump will
be stored.
This .DMP file is what you zip and upload to the OSR page for analysis:
http://www.osronline.com/page.cfm?name=analyze
20. That’s all!
Your suggestion here!
OK, we cheated, there are only 19! :)
What do you recommend for #20?
Visit our blog: http://www.poweradmin.com/blog?ref=slideshare

Weitere ähnliche Inhalte

Was ist angesagt?

CSC1100 - Chapter06 - Operating System & Utility Programs
CSC1100 - Chapter06 - Operating System & Utility ProgramsCSC1100 - Chapter06 - Operating System & Utility Programs
CSC1100 - Chapter06 - Operating System & Utility ProgramsYhal Htet Aung
 
How to get help in windows 10
How to get help in windows 10 How to get help in windows 10
How to get help in windows 10 hpcustomerservices
 
A To Z Optimization Of Computer
A To Z Optimization Of ComputerA To Z Optimization Of Computer
A To Z Optimization Of ComputerShan Sachwani
 
Operatingsystems lecture2
Operatingsystems lecture2Operatingsystems lecture2
Operatingsystems lecture2Gaurav Meena
 
Understanding operating systems 5th ed ch12
Understanding operating systems 5th ed ch12Understanding operating systems 5th ed ch12
Understanding operating systems 5th ed ch12BarrBoy
 
operating system question bank
operating system question bankoperating system question bank
operating system question bankrajatdeep kaur
 
Unix Process management
Unix Process managementUnix Process management
Unix Process managementWave Digitech
 
Operating system - Process and its concepts
Operating system - Process and its conceptsOperating system - Process and its concepts
Operating system - Process and its conceptsKaran Thakkar
 

Was ist angesagt? (12)

CSC1100 - Chapter06 - Operating System & Utility Programs
CSC1100 - Chapter06 - Operating System & Utility ProgramsCSC1100 - Chapter06 - Operating System & Utility Programs
CSC1100 - Chapter06 - Operating System & Utility Programs
 
How to get help in windows 10
How to get help in windows 10 How to get help in windows 10
How to get help in windows 10
 
A To Z Optimization Of Computer
A To Z Optimization Of ComputerA To Z Optimization Of Computer
A To Z Optimization Of Computer
 
Trnsys17 installationguide
Trnsys17 installationguideTrnsys17 installationguide
Trnsys17 installationguide
 
Operatingsystems lecture2
Operatingsystems lecture2Operatingsystems lecture2
Operatingsystems lecture2
 
Understanding operating systems 5th ed ch12
Understanding operating systems 5th ed ch12Understanding operating systems 5th ed ch12
Understanding operating systems 5th ed ch12
 
Cs1 3-operating systems
Cs1 3-operating systemsCs1 3-operating systems
Cs1 3-operating systems
 
operating system question bank
operating system question bankoperating system question bank
operating system question bank
 
Unix Process management
Unix Process managementUnix Process management
Unix Process management
 
Revant Rastogi
Revant Rastogi Revant Rastogi
Revant Rastogi
 
Operating system - Process and its concepts
Operating system - Process and its conceptsOperating system - Process and its concepts
Operating system - Process and its concepts
 
Operating System
Operating SystemOperating System
Operating System
 

Ähnlich wie 20 Windows Tools Every SysAdmin Should Know

Linux System Monitoring
Linux System Monitoring Linux System Monitoring
Linux System Monitoring PriyaTeli
 
Intrusion Discovery on Windows
Intrusion Discovery on WindowsIntrusion Discovery on Windows
Intrusion Discovery on Windowsdkaya
 
Managing and monitoring opportunities in Windows 7
Managing and monitoring opportunities in Windows 7Managing and monitoring opportunities in Windows 7
Managing and monitoring opportunities in Windows 7Sajith Ekanayaka
 
Introduction to Operating Systems
Introduction to Operating SystemsIntroduction to Operating Systems
Introduction to Operating SystemsSuhreed Sarkar
 
Application software and system software
Application software and system softwareApplication software and system software
Application software and system softwareshujra
 
Monitoring What Matters: The Prometheus Approach to Whitebox Monitoring (Berl...
Monitoring What Matters: The Prometheus Approach to Whitebox Monitoring (Berl...Monitoring What Matters: The Prometheus Approach to Whitebox Monitoring (Berl...
Monitoring What Matters: The Prometheus Approach to Whitebox Monitoring (Berl...Brian Brazil
 
Guide to alfresco monitoring
Guide to alfresco monitoringGuide to alfresco monitoring
Guide to alfresco monitoringMiguel Rodriguez
 
An Introduction to Prometheus (GrafanaCon 2016)
An Introduction to Prometheus (GrafanaCon 2016)An Introduction to Prometheus (GrafanaCon 2016)
An Introduction to Prometheus (GrafanaCon 2016)Brian Brazil
 
Control panel by
Control panel byControl panel by
Control panel byNoor Fatima
 
Sap basis made_easy321761331053730
Sap basis made_easy321761331053730Sap basis made_easy321761331053730
Sap basis made_easy321761331053730K Hari Shankar
 
Why software performance reduces with time?.pdf
Why software performance reduces with time?.pdfWhy software performance reduces with time?.pdf
Why software performance reduces with time?.pdfMike Brown
 
operating systems By ZAK
operating systems By ZAKoperating systems By ZAK
operating systems By ZAKTabsheer Hasan
 
Checking Windows for signs of compromise
Checking Windows for signs of compromiseChecking Windows for signs of compromise
Checking Windows for signs of compromiseCal Bryant
 
Computer system software
Computer system softwareComputer system software
Computer system softwareMozaSaid
 

Ähnlich wie 20 Windows Tools Every SysAdmin Should Know (20)

Linux System Monitoring
Linux System Monitoring Linux System Monitoring
Linux System Monitoring
 
Intrusion Discovery on Windows
Intrusion Discovery on WindowsIntrusion Discovery on Windows
Intrusion Discovery on Windows
 
Os
OsOs
Os
 
Os
OsOs
Os
 
Managing and monitoring opportunities in Windows 7
Managing and monitoring opportunities in Windows 7Managing and monitoring opportunities in Windows 7
Managing and monitoring opportunities in Windows 7
 
Introduction to Operating Systems
Introduction to Operating SystemsIntroduction to Operating Systems
Introduction to Operating Systems
 
Application software and system software
Application software and system softwareApplication software and system software
Application software and system software
 
Monitoring What Matters: The Prometheus Approach to Whitebox Monitoring (Berl...
Monitoring What Matters: The Prometheus Approach to Whitebox Monitoring (Berl...Monitoring What Matters: The Prometheus Approach to Whitebox Monitoring (Berl...
Monitoring What Matters: The Prometheus Approach to Whitebox Monitoring (Berl...
 
Guide to alfresco monitoring
Guide to alfresco monitoringGuide to alfresco monitoring
Guide to alfresco monitoring
 
An Introduction to Prometheus (GrafanaCon 2016)
An Introduction to Prometheus (GrafanaCon 2016)An Introduction to Prometheus (GrafanaCon 2016)
An Introduction to Prometheus (GrafanaCon 2016)
 
Ch24 system administration
Ch24 system administration Ch24 system administration
Ch24 system administration
 
Ch24
Ch24Ch24
Ch24
 
Control panel by
Control panel byControl panel by
Control panel by
 
Sap basis made_easy321761331053730
Sap basis made_easy321761331053730Sap basis made_easy321761331053730
Sap basis made_easy321761331053730
 
Why software performance reduces with time?.pdf
Why software performance reduces with time?.pdfWhy software performance reduces with time?.pdf
Why software performance reduces with time?.pdf
 
operating systems By ZAK
operating systems By ZAKoperating systems By ZAK
operating systems By ZAK
 
Checking Windows for signs of compromise
Checking Windows for signs of compromiseChecking Windows for signs of compromise
Checking Windows for signs of compromise
 
Computer system software
Computer system softwareComputer system software
Computer system software
 
Compyter system softwere
Compyter system softwereCompyter system softwere
Compyter system softwere
 
Activity 5
Activity 5Activity 5
Activity 5
 

Mehr von Power Admin LLC

Mehr von Power Admin LLC (8)

5 Tech Blogs
5 Tech Blogs5 Tech Blogs
5 Tech Blogs
 
Top 5 Fake News Site
Top 5 Fake News SiteTop 5 Fake News Site
Top 5 Fake News Site
 
What is HIPAA Compliance?
What is HIPAA Compliance?What is HIPAA Compliance?
What is HIPAA Compliance?
 
How to Monitor IIS
How to Monitor IISHow to Monitor IIS
How to Monitor IIS
 
Optimize and speed up windows 7
Optimize and speed up windows 7Optimize and speed up windows 7
Optimize and speed up windows 7
 
Cogent Consutlting Case Study
Cogent Consutlting Case StudyCogent Consutlting Case Study
Cogent Consutlting Case Study
 
Power Admin File Sight™
Power Admin File Sight™Power Admin File Sight™
Power Admin File Sight™
 
Power Admin Server Monitor™
Power Admin Server Monitor™Power Admin Server Monitor™
Power Admin Server Monitor™
 

Kürzlich hochgeladen

Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Drew Madelung
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreternaman860154
 
My Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationMy Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationRidwan Fadjar
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024Rafal Los
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slidevu2urc
 
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure serviceWhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure servicePooja Nehwal
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonetsnaman860154
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptxHampshireHUG
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationRadu Cotescu
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking MenDelhi Call girls
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Servicegiselly40
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking MenDelhi Call girls
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityPrincipled Technologies
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Miguel Araújo
 
A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024Results
 
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Alan Dix
 
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesSinan KOZAK
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)Gabriella Davis
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationMichael W. Hawkins
 
🐬 The future of MySQL is Postgres 🐘
🐬  The future of MySQL is Postgres   🐘🐬  The future of MySQL is Postgres   🐘
🐬 The future of MySQL is Postgres 🐘RTylerCroy
 

Kürzlich hochgeladen (20)

Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreter
 
My Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationMy Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 Presentation
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slide
 
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure serviceWhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonets
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organization
 
08448380779 Call Girls In Civil Lines Women Seeking Men

20 Windows Tools Every SysAdmin Should Know

  • 1. 20 Windows Tools Every SysAdmin Should Know
  • 2. 1. Task Manager – CPU and memory usage Everyone that deals with Windows in a system administrator capacity has to know about Task Manager. The nice thing is it keeps getting better with each new version of Windows. The screenshots below show Task Manager from Windows 2008 R2. To make sure you see everything, click the button (a check box in older versions) in the lower left corner.
  • 3. 1. Task Manager – CPU and memory usage The Processes tab is probably the most useful. Here you can see the list of running processes, how much memory and CPU each process is using, the user account the process is running under and more. In addition, you can click View -> Select Columns… to show even more information, such as the Session ID a process is in, the full path to the executable, how much virtual memory the process has allocated, and more. One-stop system administrator goodness. But wait, there's more!
  • 4. 1. Task Manager – CPU and memory usage The Performance tab gives some nice charts of CPU utilization. You can also see total memory, kernel memory, etc. A low amount of Free memory is not a bad thing — it often means Windows is using your RAM to cache parts of the hard disk, thus speeding up many operations. If the RAM is needed, the caches will give it back. One of the best kept secrets, the Resource Monitor, is also accessible from here.
  • 5. 2. Resource monitor – high level disk I/O tracking Have you ever been using a computer or server and noticed it get really sluggish? Sometimes you can hear the disk thrashing and know that some process is busier than you want it to be. If you're lucky, you can check Task Manager and sort by CPU to see which process is using a lot of CPU. But in many cases, the offending process is doing very little with CPU because it's so busy thrashing the disk. Resource Monitor lets you find the culprit.
  • 6. 2. Resource monitor – high level disk I/O tracking Start the Resource Monitor and click the Disk tab. Expand the "Processes with Disk Activity" drop down. Sort the list by the "Total (B/sec)" column to quickly see which process is so busy. To further understand what is happening, you can expand the "Disk Activity" drop down and sort that list by "Total (B/sec)". Looking at the file names will sometimes give a hint about whether the process is doing a backup, writing to a log file, or some other activity.
  • 7. 3. Performance Monitor (aka Perfmon) Performance Monitor is a real gem on Windows, and many IT folks would benefit by becoming more comfortable with it. The operating system publishes many useful stats here (active database connections, active HTTP connections, CPU usage, time per disk read, network usage, process memory, etc.). In addition, other application providers can also include stats, and most (all?) of Microsoft's major apps do, like IIS, MS SQL Server and Exchange.
  • 8. 3. Performance Monitor (aka Perfmon) When you first start perfmon.exe or perfmon.msc (they're the same), it's not much to look at. Make sure to click the "Performance Monitor" node, and then the green plus symbol to add counters to watch. There are soooo many counters that can be monitored that this article can't even begin to cover them all. One thing that will help though: when you're looking at the list of counters, check the "Show description" box at the bottom left corner. This will help you understand what the selected counter does.
  • 9. 3. Performance Monitor (aka Perfmon) Also note that Perfmon can connect to other computers on your network and display their counter values. (Side note, there is a compiled list of typical counters to monitor for Microsoft Exchange at: http://www.poweradmin.com/help/latestSMHelp.aspx?page=howto_monitor_exchange.aspx )
  • 10. 4. Services The Services applet (services.msc; it's the gear looking thingy in Administrator Tools) is where you can control the service processes that are running on Windows. Of particular interest to IT admins is the service's start up type (usually automatic or manual) and the Log On As account.
  • 11. 4. Services 'Recovery' is a cool under-used feature. Right click a service and go to Properties. Here you can tell Windows what it should do if the service stops unexpectedly (crashes). Restarting the service is often a good option.
  • 12. 5. Event Log Viewer – system logs, errors and events The Windows Event Log Viewer shows a wealth of information about problems that might be happening on a server, including hardware errors, server restarts and more. The Application and System logs are typically where you'll find what you're looking for, but there are more logs than that on modern Windows. If you have a blue screen, a server hang, or an application misbehaving, look in the Event Log first.
  • 13. 6. PsExec – start apps on remote computers PsExec is not an app that comes with Windows, but it's a free utility from Microsoft (originally from Sysinternals) that lets you start apps on a remote computer. In the simple example above, PsExec was started locally, to run ipconfig on a remote computer ('archive') to find out what gateway it is using. PsExec can be very handy in many situations. If you need a redistributable PsExec, take a look at PAExec.
  • 14. 7. Process Monitor - low level file I/O & registry spying Another beauty from Microsoft (Sysinternals) is Process Monitor. From the web page: "Process Monitor is an advanced monitoring tool for Windows that shows real-time file system, Registry and process/thread activity." The power is in the filtering: you can have it show you only registry access to a particular key, or file I/O operations taking place in a specific folder, or from a specific program. It's a great help when something ought to work but doesn't because you can (for example) see where a file or registry read is failing.
  • 15. 8. Task Scheduler Unix has its cron, and Windows has Task Scheduler. (Well, Windows also has 'at', but that's another story). Task Scheduler can be found in Administrator Tools, or started via taskschd.msc. From the screenshot, you can see that various companies (Google and Adobe for example) will create scheduled tasks so their applications are launched periodically for some background processing. Windows itself has many tasks it uses. And of course, you can easily create your own. One simple example is to compress and/or move log files. Or run a periodic database cleanup script. Or to check for updates. Or ….
  • 16. 9. Netstat – view network connections Being familiar with netstat signals you're no mere hobbyist, but a serious IT professional. Netstat shows the status of current network connections. Run it without any command line arguments and that's what you'll see. To see connections along with the process that created them, run netstat -b. To see current connections as well as ports that are listening for incoming connections, run netstat -ab as shown to the right: Note that the process involved with the port is shown below the port information. So mysqld is listening on port 3306, not 3389.
  • 17. 10. Wireshark – view network packets If you ever need to see network packets entering and leaving a computer, look no further than Wireshark. This is a fantastic piece of free software that will capture every packet, and even better, break each one down into its appropriate protocol headers and content. Below I've clicked a packet for an HTTP 302 redirect message coming in from a web server. The documentation is great, and once you get the hang of it, you can spy on all of the applications on your computer, see what servers they are talking to, and what information is being sent and received.
  • 18. 11. RegEdit – configure all the things! Anyone that's been in IT for long surely must have taken a peek at their registry. This is where most of the configuration data for most apps and most of the operating system still lives, even in 2013. One handy feature is you can export and import branches of the registry. BUT, do NOT do this if you're not absolutely sure what you're doing. This can REALLY screw up your machine. Also note, I've not seen it documented, but you can export files that are bigger than what the importer will read in (IIRC, the importer will only read the first 64KB or so of a registry file).
  • 19. 12. Server Monitoring If you have more than one or two servers to keep track of, automate the monitoring of those servers so you don't have to sit and babysit them. There are many good products on the market, all of which will monitor for low disk space, high CPU usage, event log errors, crashed services and more. We're partial to PA Server Monitor, but GFI and SolarWinds also make nice products. If you like low-level control with scripts and config files to spelunk through, Nagios is a very popular (and free) open source product that is very well respected. Open Source Server Monitor List tries to collect all of the big names in open source monitoring.
  • 20. 13. Password Management If you're in IT, it's very likely you have the keys to the kingdom, so to speak. Please, oh please, don't store your passwords in a text file or Excel spreadsheet. And do make them long, with non-alphanumeric characters thrown in. This will help keep your systems safe. But then you have passwords that you can't remember. So you need a password manager. KeePass and LastPass are two excellent open source solutions you should consider.
  • 21. 14. Ping and tracert – simple connectivity test Ping is a quick test to check and see if: • A connection to the target IP address is possible • How fast the connection is (in milliseconds) • How stable the connection is (i.e. were packets dropped) Simply run: ping.exe google.com
  • 22. 14. Ping and tracert – simple connectivity test A bit more interesting is tracert (trace route). This uses a bunch of ping packets to detect each computer between you and the target server, and lists how long each hop is. This can help diagnose where a network link is down, or if there is possibly a routing problem. Here you can see the route packets take from an example PC to google.com: There are some neat visual trace route tools on the Internet that display the different network hops on a map. A quick Google search will show you a list of them. Be sure to run -? after both of the commands above to see the various command line options that are also useful.
  • 23. 15. Net.exe and SC.exe Need to stop a service but don't want to launch services.msc, wait for the service list to load, find the service, and press the stop button? Net.exe to the rescue! Services have a short "service name" and a more descriptive "display name." Either can be used with the net.exe command. If using the display name (which usually contains spaces), enclose it in quotes. In the example below I've stopped and started the Windows Update service. Another handy command is the sc.exe (Service Control) command. It lets you install, remove, and query services. Just run "sc.exe query" to get a quick list of all the services on the computer and the current status.
  • 24. 16. Notepad++ – for viewing large log files Opening a 100MB log file in Notepad is a pain. WordPad is slightly quicker, but it can't open files that are currently being written to (as many log files are). Notepad++ handles large files with ease. One great feature is the "Find All in Current Document". In this contrived example, we're looking for all requests in an IIS log file that came from 192.168.7.37. Piece of cake: they're all shown together. You can also mark matching lines, etc. And did I mention it can open huge files without breaking a sweat? Huge fan here!
  • 25. 17. Remote Desktop Remote Desktop apps are life savers when you need to look at a server and don't want to walk into the server room. Windows Remote Desktop app (aka RDP) is great. There are RDP clients for Linux, OSX and even the iPhone (and probably more than that). You might have known that you can copy/paste text, URLs, etc. from the remote desktop to your workstation and vice versa. But did you know you can also copy/paste files as a simple form of remote file copy? Very useful.
  • 26. 18. Speedfan – server temperature display There aren't many good ways to see a server's internal hardware temperatures, even though most motherboards have built-in temperature probes. SpeedFan is a great utility that can read those probes and display them in a simple user interface. If you want to access those temperatures from across the network, use Power Admin's free SpeedFan HTTP Agent app. Please note: There are a few reports of server blue screens with SpeedFan, particularly on Dell hardware, so try it out on a staging server before putting it on the production server. Which leads us to…
  • 27. 19. Blue screen crash analysis If you've got a server crashing, there is a cool service by OSR where you can upload the crash dump file and their system will do a quick automated review of the crash dump and give you a starting point for the cause of the crash (hopefully even showing the offending driver that was involved). How do you use their service? Configure Windows to create a crash dump of course! Go to Start and right-click on My Computer and choose Properties. From there, choose the "Advanced System Settings" link. This will lead you to the System Properties dialog in the next slide:
  • 28. 19. Blue screen crash analysis The Settings button will show this dialog… Choose the memory dump type (which controls how much data is dumped). Depending how much RAM you have, a Kernel memory dump may be too large for the free OSR service. So you may need to choose the Small Memory dump option. You can also see where the dump file will be written, which in this case is C:\Windows\MEMORY.DMP. Often this will already be configured and the MEMORY.DMP file is out there waiting for you. NOTE: When choosing a Kernel memory dump, you specify the file to save to. When choosing a Small Memory dump, you specify the folder where the dump will be stored.
  • 29. 19. Blue screen crash analysis This .DMP file is what you zip and upload to the OSR page for analysis: http://www.osronline.com/page.cfm?name=analyze
  • 30. 20. That’s all! Your suggestion here! OK, we cheated, there are only 19! :) What do you recommend for #20? If you like this, please share us or leave your comments below! Follow us @poweradmn Circle us Google+ Visit our blog: http://www.poweradmin.com/blog?ref=slideshare
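
Slide 16 notes that netstat -ab prints the owning process on the line below the port it belongs to. The parser below is an added example, not part of the original slides: it pairs each connection with the owner lines that follow it, so a listening-port audit does not attribute a port to the wrong process. The sample output is constructed and the function names are this example's own.

```python
import re

# Constructed sample of `netstat -ab` output (not captured from a real host).
SAMPLE = """\
Active Connections

  Proto  Local Address          Foreign Address        State
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING
  RpcSs
 [svchost.exe]
  TCP    0.0.0.0:445            0.0.0.0:0              LISTENING
 Can not obtain ownership information
  TCP    0.0.0.0:3306           0.0.0.0:0              LISTENING
 [mysqld.exe]
  TCP    0.0.0.0:3389           0.0.0.0:0              LISTENING
  TermService
 [svchost.exe]
  TCP    192.168.7.10:49712     192.168.7.37:445       ESTABLISHED
 [explorer.exe]
  UDP    0.0.0.0:5353           *:*
 [chrome.exe]
"""

CONN = re.compile(r"^\s*(TCP|UDP)\s+(\S+)\s+(\S+)(?:\s+(\S+))?\s*$")
OWNER = re.compile(r"^\s*\[(.+)\]\s*$")


def parse_netstat_ab(text):
    """Return one dict per connection; the owner comes from the lines BELOW it."""
    rows, current = [], None
    for line in text.splitlines():
        m = CONN.match(line)
        if m:
            proto, local, remote, state = m.groups()
            current = {"proto": proto, "port": int(local.rsplit(":", 1)[1]),
                       "remote": remote, "state": state or "",
                       "component": None, "process": None}
            rows.append(current)
        elif current is not None and line.strip():
            owner = OWNER.match(line)
            if owner:
                current["process"] = owner.group(1)
            elif not line.strip().lower().startswith("can not obtain"):
                current["component"] = line.strip()  # e.g. service hosted in svchost
    return rows


def listeners(rows):
    """Map listening TCP port -> owning executable (None if netstat could not tell)."""
    return {r["port"]: r["process"] for r in rows if r["state"] == "LISTENING"}
```

Ports whose owner comes back as None are the ones netstat could not attribute, which usually means the command was not run from an elevated prompt.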