DOCSLIB.ORG

Microsoft Windows Server 2003 Performance Guide Ebook

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text

Load more

A01TX1106989.fm Page 55 Monday, March 21, 2005 10:26 AM PUBLISHED BY Microsoft Press A Division of Microsoft Corporation One Microsoft Way Redmond, Washington 98052-6399 Copyright © 2005 by Microsoft Corporation All rights reserved. No part of the contents of this book may be reproduced or transmitted in any form or by any means without the written permission of the publisher. Library of Congress Congress Control Number 2005921847 Printed and bound in the United States of America. 1 2 3 4 5 6 7 8 9 QWT 8 7 6 5 4 3 Distributed in Canada by H.B. Fenn and Company Ltd. A CIP catalogue record for this book is available from the British Library. A CIP catalogue record for this book is available from the British Library. Microsoft Press books are available through booksellers and distributors worldwide. For further information about international editions, contact your local Microsoft Corporation office or contact Microsoft Press Inter- national directly at fax (425) 936-7329. Visit our Web site at www.microsoft.com/mspress. Send comments to [email protected]. Microsoft, Active Directory, ActiveX, Microsoft Press, MSDN, MSN, Visual Basic, Win32, Windows, Win- dows Media, Windows NT, and Windows Server are either registered trademarks or trademarks of Microsoft Corporation in the United States and/or other countries. Other product and company names mentioned herein may be the trademarks of their respective owners. The example companies, organizations, products, domain names, e-mail addresses, logos, people, places, and events depicted herein are fictitious. No association with any real company, organization, product, domain name, e-mail address, logo, person, place, or event is intended or should be inferred. This book expresses the author’s views and opinions. The information contained in this book is provided with- out any express, statutory, or implied warranties. Neither the authors, Microsoft Corporation, nor its resellers, or distributors will be held liable for any damages caused or alleged to be caused either directly or indirectly by this book. Acquisitions Editor: Martin DelRe Project Editor: Karen Szall Copy Editor: Victoria Thulman Technical Editor: Mitch Tulloch Indexer: Tony Ross and Lee Ross SubAsy Part No. X11-06988 Body Part No. X11-06989 Contents at a Glance 1 Performance Monitoring Overview . 1 2 Performance Monitoring Tools . 125 3 Measuring Server Performance. 235 4 Performance Monitoring Procedures. 313 5 Performance Troubleshooting. 401 6 Advanced Performance Topics . 537 Contents About the Author . xi Acknowledgments . .xiii Introduction. xv Document Conventions . xv Resource Kit Companion CD . xvi 1 Performance Monitoring Overview . 1 Introducing Performance Monitoring . 2 Learning About Performance Monitoring . 3 Proactive Performance Monitoring . 4 Diagnosing Performance Problems. 5 Scalability. .8 Performance Monitoring Concepts . 12 Definitions . 13 Bottlenecks . 22 Utilization Law . 28 Queue Time and Utilization . 29 Little’s Law . 33 Conclusions . 36 System Architecture . .37 Using the Performance Monitor . 37 Operating Systems . 38 Processors . 43 Memory and Paging . 61 The I/O Subsystem . 89 Network Interfaces. 98 Summary . 123 2 Performance Monitoring Tools . 125 Summary of Monitoring Tools . 126 Performance Statistics . 126 Microsoft is interested in hearing your feedback about this publication so we can What do you think of this book? continually improve our books and learning resources for you. To participate in a brief We want to hear from you! online survey, please visit: www.microsoft.com/learning/booksurvey/ v vi Contents Event Traces . 127 Load Generating and Testing. 128 Administrative Controls . 128 Required Security for Tool Usage . 128 Performance Monitoring Statistics . 133 Performance Objects. 134 Performance Counters . 140 System Monitor . 144 Viewing a Chart in Real Time. 145 Changing the Sampling Interval . 146 Creating a Custom Monitoring Configuration . 147 Saving Real-Time Data . 148 Customizing How Data Is Viewed. 149 Tips for Working with System Monitor . 151 Task Manager . 154 Working with Task Manager . 155 Monitoring Applications. 156 Monitoring Processes . 157 Monitoring Performance . 161 Monitoring the Network . 163 Monitoring Users . 167 Automated Performance Monitoring . 168 Performance Logs and Alerts. 168 Counter Logs . 169 Tips for Working with Performance Logs and Alerts . 178 Creating Performance Logs Using Logman. 178 Managing Performance Logs. 191 Using the Relog Tool. 192 Using Typeperf Queries . 200 Windows Performance Monitoring Architecture . 207 Performance Library DLLs . 207 Performance Counter Text String Files . 208 Performance Data Helper Processing. ..
Recommended publications
  • Technical Evaluation and Legal Opinion of Warden: a Network Forensics Tool, Version 1.0 Author(S): Rod Yazdan, Newton Mccollum, Jennifer Ockerman, Ph.D

    Technical Evaluation and Legal Opinion of Warden: a Network Forensics Tool, Version 1.0 Author(S): Rod Yazdan, Newton Mccollum, Jennifer Ockerman, Ph.D

    NCJRS O FFICE OF JU STI CE PR OG RAM Se ~ N ATIONAL C RIMINAL JUSTICE REFERENCE SERVICE QJA BJS N/J OJJF OVC SMART '~ ..) The author(s) shown below used Federal funding provided by the U.S. Department of Justice to prepare the following resource: Document Title: Technical Evaluation and Legal Opinion of Warden: A Network Forensics Tool, Version 1.0 Author(s): Rod Yazdan, Newton McCollum, Jennifer Ockerman, Ph.D. Document Number: 252944 Date Received: May 2019 Award Number: 2013-MU-CX-K111 This resource has not been published by the U.S. Department of Justice. This resource is being made publically available through the Office of Justice Programs’ National Criminal Justice Reference Service. Opinions or points of view expressed are those of the author(s) and do not necessarily reflect the official position or policies of the U.S. Department of Justice. nl JOHNS HOPKINS ..APPLIED PHYSICS LABORATORY 11100 Johns Hopkins Road • Laurel, Maryland 20723-6099 AOS-18-1223 NIJ RT&E Center Project 15WA October 2018 TECHNICAL EVALUATION AND LEGAL OPINION OF WARDEN: A NETWORK FORENSICS TOOL Version 1.0 Rod Yazdan Newton McCollum Jennifer Ockerman, PhD Prepared for: r I I Nation~/ Institute Nl.I of Justice STRENGTHEN SCIENCE. ADVANCE JUSTICE. Prepared by: The Johns Hopkins University Applied Physics Laboratory 11100 Johns Hopkins Rd. Laurel, MD 20723-6099 Task No.: FGSGJ Contract No.: 2013-MU-CX-K111/115912 This project was supported by Award No. 2013-MU-CX-K111, awarded by the National Institute of Justice, Office of Justice Programs, U.S. Department of Justice.
  • Comparing Systems Using Sample Data

    Comparing Systems Using Sample Data

    Operating System and Process Monitoring Tools Arik Brooks, [email protected] Abstract: Monitoring the performance of operating systems and processes is essential to debug processes and systems, effectively manage system resources, making system decisions, and evaluating and examining systems. These tools are primarily divided into two main categories: real time and log-based. Real time monitoring tools are concerned with measuring the current system state and provide up to date information about the system performance. Log-based monitoring tools record system performance information for post-processing and analysis and to find trends in the system performance. This paper presents a survey of the most commonly used tools for monitoring operating system and process performance in Windows- and Unix-based systems and describes the unique challenges of real time and log-based performance monitoring. See Also: Table of Contents: 1. Introduction 2. Real Time Performance Monitoring Tools 2.1 Windows-Based Tools 2.1.1 Task Manager (taskmgr) 2.1.2 Performance Monitor (perfmon) 2.1.3 Process Monitor (pmon) 2.1.4 Process Explode (pview) 2.1.5 Process Viewer (pviewer) 2.2 Unix-Based Tools 2.2.1 Process Status (ps) 2.2.2 Top 2.2.3 Xosview 2.2.4 Treeps 2.3 Summary of Real Time Monitoring Tools 3. Log-Based Performance Monitoring Tools 3.1 Windows-Based Tools 3.1.1 Event Log Service and Event Viewer 3.1.2 Performance Logs and Alerts 3.1.3 Performance Data Log Service 3.2 Unix-Based Tools 3.2.1 System Activity Reporter (sar) 3.2.2 Cpustat 3.3 Summary of Log-Based Monitoring Tools 4.
  • Solarwinds Web Performance Monitor Administrator Guide

    Solarwinds Web Performance Monitor Administrator Guide

    ADMINISTRATOR GUIDE Web Performance Monitor Version 2.2.2 Last Updated: Monday, June 11, 2018 ADMINISTRATOR GUIDE: WEB PERFORMANCE MONITOR © 2018 SolarWinds Worldwide, LLC. All rights reserved. This document may not be reproduced by any means nor modified, decompiled, disassembled, published or distributed, in whole or in part, or translated to any electronic medium or other means without the prior written consent of SolarWinds. All right, title, and interest in and to the software, services, and documentation are and shall remain the exclusive property of SolarWinds, its affiliates, and/or its respective licensors. SOLARWINDS DISCLAIMS ALL WARRANTIES, CONDITIONS, OR OTHER TERMS, EXPRESS OR IMPLIED, STATUTORY OR OTHERWISE, ON THE DOCUMENTATION, INCLUDING WITHOUT LIMITATION NONINFRINGEMENT, ACCURACY, COMPLETENESS, OR USEFULNESS OF ANY INFORMATION CONTAINED HEREIN. IN NO EVENT SHALL SOLARWINDS, ITS SUPPLIERS, NOR ITS LICENSORS BE LIABLE FOR ANY DAMAGES, WHETHER ARISING IN TORT, CONTRACT OR ANY OTHER LEGAL THEORY, EVEN IF SOLARWINDS HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. The SolarWinds, SolarWinds & Design, Orion, and THWACK trademarks are the exclusive property of SolarWinds Worldwide, LLC or its affiliates, are registered with the U.S. Patent and Trademark Office, and may be registered or pending registration in other countries. All other SolarWinds trademarks, service marks, and logos may be common law marks or are registered or pending registration. All other trademarks mentioned herein are used for identification purposes
  • Windows Operations Agent User Guide

    Windows Operations Agent User Guide

    Windows Operations Agent User Guide 1.6 VMC-WAD VISUAL Message Center Windows Operations Agent User Guide The software described in this book is furnished under a license agreement and may be used only in accordance with the terms of the agreement. Copyright Notice Copyright © 2013 Tango/04 All rights reserved. Document date: August 2012 Document version: 2.31 Product version: 1.6 No part of this publication may be reproduced, transmitted, transcribed, stored in a retrieval system, or translated into any language or computer language, in any form or by any means, electronic mechani- cal, magnetic, optical, chemical, manual, or otherwise, without the prior written permission of Tango/04. Trademarks Any references to trademarked product names are owned by their respective companies. Technical Support For technical support visit our web site at www.tango04.com. Tango/04 Computing Group S.L. Avda. Meridiana 358, 5 A-B Barcelona, 08027 Spain Tel: +34 93 274 0051 Table of Contents Table of Contents Table of Contents.............................................................................. iii How to Use this Guide.........................................................................x Chapter 1 Introduction ......................................................................................1 1.1. What You Will Find in this User Guide............................................................2 Chapter 2 Configuration ....................................................................................3 2.1. Monitor Configuration......................................................................................3
  • Performance Monitor

    Performance Monitor

    PeopleTools 8.57: Performance Monitor March 2020 PeopleTools 8.57: Performance Monitor Copyright © 1988, 2020, Oracle and/or its affiliates. All rights reserved. This software and related documentation are provided under a license agreement containing restrictions on use and disclosure and are protected by intellectual property laws. Except as expressly permitted in your license agreement or allowed by law, you may not use, copy, reproduce, translate, broadcast, modify, license, transmit, distribute, exhibit, perform, publish, or display any part, in any form, or by any means. Reverse engineering, disassembly, or decompilation of this software, unless required by law for interoperability, is prohibited. The information contained herein is subject to change without notice and is not warranted to be error-free. If you find any errors, please report them to us in writing. If this is software or related documentation that is delivered to the U.S. Government or anyone licensing it on behalf of the U.S. Government, then the following notice is applicable: U.S. GOVERNMENT END USERS: Oracle programs, including any operating system, integrated software, any programs installed on the hardware, and/or documentation, delivered to U.S. Government end users are "commercial computer software" pursuant to the applicable Federal Acquisition Regulation and agency-specific supplemental regulations. As such, use, duplication, disclosure, modification, and adaptation of the programs, including any operating system, integrated software, any programs installed on the hardware, and/or documentation, shall be subject to license terms and license restrictions applicable to the programs. No other rights are granted to the U.S. Government. This software or hardware is developed for general use in a variety of information management applications.
  • Windows NT Network Management: Reducing Total Cost of Ownership - 9 - Performance Monitoring

    Windows NT Network Management: Reducing Total Cost of Ownership - 9 - Performance Monitoring

    Windows NT ...: Reducing Total Cost of Ownership - Chapter 9 - Performance Monitorin Page 1 of 13 [Figures are not included in this sample chapter] Windows NT Network Management: Reducing Total Cost of Ownership - 9 - Performance Monitoring AN OLD ADAGE SAYS, "IF YOU can’t measure it, you can’t manage it." Even if you can measure something, how can you tell if your changes are making a difference if you don’t have baseline information? It’s important to monitor a server’s or work- station’s performance to maximize your investment in these tools. If a user complains that her computer is too slow, you often need more information to fix the problem. For example, if the problem is loading Web pages on a computer using an analog modem, the modem is probably limiting the system’s performance. However, if the computer is an older model, certain operations may wait for the CPU to finish processing. In this case, a complete system upgrade may be the best solution. The usefulness of performance monitoring goes far beyond handling user expectations. A network and systems administrator can use information obtained by analyzing the operations of existing hardware, software, and networking devices to predict the timing of upgrades, justify the cost of replacing and upgrading devices, and assist in troubleshooting. Performance monitoring ultimately reduces TCO and is a vital part of managing any IT environment. Performance monitoring helps answer important questions about your current environment. For example, you may want to know which activity specifically uses the most resources in your environment. If you determine that it is loading Web pages, then upgrading the RAM or the CPU speed of client machines may not help much.
  • Lecture 4: September 13 4.1 Process State

    Lecture 4: September 13 4.1 Process State

    CMPSCI 377 Operating Systems Fall 2012 Lecture 4: September 13 Lecturer: Prashant Shenoy TA: Sean Barker & Demetre Lavigne 4.1 Process State 4.1.1 Process A process is a dynamic instance of a computer program that is being sequentially executed by a computer system that has the ability to run several computer programs concurrently. A computer program itself is just a passive collection of instructions, while a process is the actual execution of those instructions. Several processes may be associated with the same program; for example, opening up several windows of the same program typically means more than one process is being executed. The state of a process consists of - code for the running program (text segment), its static data, its heap and the heap pointer (HP) where dynamic data is kept, program counter (PC), stack and the stack pointer (SP), value of CPU registers, set of OS resources in use (list of open files etc.), and the current process execution state (new, ready, running etc.). Some state may be stored in registers, such as the program counter. 4.1.2 Process Execution States Processes go through various process states which determine how the process is handled by the operating system kernel. The specific implementations of these states vary in different operating systems, and the names of these states are not standardised, but the general high-level functionality is the same. When a process is first started/created, it is in new state. It needs to wait for the process scheduler (of the operating system) to set its status to "new" and load it into main memory from secondary storage device (such as a hard disk or a CD-ROM).
  • Process Scheduling & Synchronization Intro

    Process Scheduling & Synchronization Intro

    Process Scheduling & Synchronization intro CS 241 February 29, 2012 Copyright © University of Illinois CS 241 Staff 1 Announcements Mid-semester feedback survey (linked off web page) MP4 due Friday (not Tuesday) Midterm • Next Tuesday, 7-9 p.m. • Study guide released this Wednesday • Next Monday’s lecture: review session 2 Today Interactive scheduling • Round robin • Priority scheduling • How long is a quantum? Synchronization intro 3 Process scheduling Deciding which process/thread should occupy each resource (CPU, disk, etc.) at each moment Scheduling is everywhere... • disk reads • process/thread resource allocation • servicing clients in a web server • compute jobs in clusters / data centers • jobs using physical machines in factories 4 Scheduling algorithms Batch systems • Usually non-preemptive: running process keeps CPU until it voluntarily gives it up . Process exits . Switches to blocked state • First come first serve (FCFS) • Shortest job first (SJF) (also preemptive version) Interactive systems • Running process is forced to give up CPU after time quantum expires . Via interrupts or signals (we’ll see these later) • Round robin These are some of the important ones to • Priority know, not a comprehensive list! 5 Thus far: Batch scheduling FCFS, SJF, SRPT useful when fast response not necessary • weather simulation • processing click logs to match advertisements with users • ... What if we need to respond to events quickly? • human interacting with computer • packets arriving every few milliseconds • ... 6 Interactive Scheduling Usually preemptive • Time is sliced into quanta, i.e., time intervals • Scheduling decisions are made at the beginning of each quantum Performance metrics • Average response time • Fairness (or proportional resource allocation) Representative algorithms • Round-robin • Priority scheduling 7 Round-robin One of the oldest, simplest, most commonly used scheduling algorithms Select process/thread from ready queue in a round-robin fashion (i.e., take turns) 1 2 3 1 2 3 1 2 3 1 2 3 1 2 3 1 2 3 1 2 3 ..
  • System Calls & Signals

    System Calls & Signals

    CS345 OPERATING SYSTEMS System calls & Signals Panagiotis Papadopoulos [email protected] 1 SYSTEM CALL When a program invokes a system call, it is interrupted and the system switches to Kernel space. The Kernel then saves the process execution context (so that it can resume the program later) and determines what is being requested. The Kernel carefully checks that the request is valid and that the process invoking the system call has enough privilege. For instance some system calls can only be called by a user with superuser privilege (often referred to as root). If everything is good, the Kernel processes the request in Kernel Mode and can access the device drivers in charge of controlling the hardware (e.g. reading a character inputted from the keyboard). The Kernel can read and modify the data of the calling process as it has access to memory in User Space (e.g. it can copy the keyboard character into a buffer that the calling process has access to) When the Kernel is done processing the request, it restores the process execution context that was saved when the system call was invoked, and control returns to the calling program which continues executing. 2 SYSTEM CALLS FORK() 3 THE FORK() SYSTEM CALL (1/2) • A process calling fork()spawns a child process. • The child is almost an identical clone of the parent: • Program Text (segment .text) • Stack (ss) • PCB (eg. registers) • Data (segment .data) #include <sys/types.h> #include <unistd.h> pid_t fork(void); 4 THE FORK() SYSTEM CALL (2/2) • The fork()is one of the those system calls, which is called once, but returns twice! Consider a piece of program • After fork()both the parent and the child are ..
  • Computer Training Options Click Here

    Computer Training Options Click Here

    Your Total Training Resource Microsoft® Windows 10® Learn how to perform management, wide varieties of operations, run myriads of built-in programs and maintenance tools of Windows 10. Perform managerial and maintenance commands and features. Learn about Windows essentials, tips and tricks, Managing files and folders on local, network and cloud storage areas like OneDrive. Learn how to customize the Windows environment to personalize the system to work best for you. Work with Cortana to control your computer with voice commands. The modules for Windows 10 are as follows: Module 1 – Learn All the Essential Features of Windows 10 To Schedule / Need Additional Information To schedule sessions, receive more information or for questions/clarifications contact us at: Email: Ken Keller at [email protected] or Dean Carroll at [email protected] or Phone: (630) 495-0505 or (800) 869-7497. To see a complete list of our current computer training options click here. 101 W. 22nd Street, Suite 100 630-495-0505 Lombard, IL 60148 630-495-1321 Fax www.c-kg.com Your Total Training Resource Module 1 – Learn All the Essential Features of Windows 10 • This comprehensive course covers everything you Edge browser, and work with Mail, Calendars, and need to know to install Windows, customize it to People (aka contacts). your liking, and start working with files and • Plus, learn about sharing via a home network, applications. multiuser configurations, security and privacy, and • See how to manage folders, use Cortana to search troubleshooting Windows. and navigate, browse the web with the new Microsoft Management and Maintenance: • Learn how to configure updates, monitor events and • Reviewing event logs.
  • Performance Tuning Guidelines for Windows Server 2012 R2

    Performance Tuning Guidelines for Windows Server 2012 R2

    Performance Tuning Guidelines for Windows Server 2012 R2 Copyright information This document is provided "as-is". Information and views expressed in this document, including URL and other Internet website references, may change without notice. Some examples depicted herein are provided for illustration only and are fictitious. No real association or connection is intended or should be inferred. This document does not provide you with any legal rights to any intellectual property in any Microsoft product. You may copy and use this document for your internal, reference purposes. This document is confidential and proprietary to Microsoft. It is disclosed and can be used only pursuant to a nondisclosure agreement. © 2012 Microsoft. All rights reserved. Internet Explorer, Microsoft, TechNet, Windows, and Excel are trademarks of the Microsoft group of companies. All other trademarks are property of their respective owners. Contents Performance Tuning Guidelines for Windows Server 2012 R2 ...................................................8 Performance Tuning for Server Hardware ................................................................................9 See Also .............................................................................................................................9 Server Hardware Performance Considerations .........................................................................9 See Also ........................................................................................................................... 14
  • Processes and Threads

    Processes and Threads

    Lecture Notes for CS347: Operating Systems Mythili Vutukuru, Department of Computer Science and Engineering, IIT Bombay 2. Processes and Threads 2.1 Life cycle of a process • Recall that the process is a basic unit of execution in an OS. The main job of any OS is to run processes, while managing their lifecycle from creation to termination. Processes are typically created in Unix-like systems by forking from an existing process. The OS starts the first init process after bootup, and all subsequent processes are descendents of this process. • A process can create a child process using the fork system call. After the fork, the memory image of the child process is a complete copy of the memory image of the parent (the child and parent memory images may diverge subsequently). The fork system call returns in both the parent and child processes, with different return values. In the parent, it returns the pid of the new child process. In the child, it returns 0. Both processes then resume execution from the instruction right after fork, and can be scheduled as independent entities by the CPU scheduler. • A typical use case of fork is to create a child and run the exec system call in the child. The exec system call loads a new executable into the memory image of the process calling it, enabling the child process to do something different from what the parent is already doing. All processes (beyond the first process) are created with this fork+exec combination in Unix-like operating systems. • A simple OS would create a complete copy of the parent’s memory image for the child.