Geek School_ Learning Windows 7 – Monitoring, Performance and Keeping Windows Up To Date


  • 8/13/2019 Geek School_ Learning Windows 7 Monitoring, Performance and Keeping Windows Up To Date

    1/24

    Geek School: Learning Windows 7 – Monitoring, Performance and Keeping Windows Up To Date

    In today's edition of Geek School, we look at the tools we can use to monitor the performance and reliability of our computers.

    Be sure to check out the previous articles in this Geek School series on Windows 7:

    Introducing How-To Geek School (http://www.howtogeek.com/132654/introducing-how-to-geek-school-learn-technology-here-for-free/)
    Upgrades and Migrations (http://www.howtogeek.com/132808/geek-school-windows-7-upgrades-migrations-70-680/)
    Configuring Devices (http://www.howtogeek.com/133085/geek-school-windows-7-configuring-devices-70-680/)
    Managing Disks (http://www.howtogeek.com/133433/geek-school-learning-windows-7-managing-disks/)
    Managing Applications (http://www.howtogeek.com/133543/geek-school-learning-windows-7-managing-applications/)
    Managing Internet Explorer (http://www.howtogeek.com/133881/geek-school-learning-windows-7-managing-internet-explorer/)
    IP Addressing Fundamentals (http://www.howtogeek.com/133943/geek-school-learning-windows-7-ip-addressing-fundamentals/)
    Networking (http://www.howtogeek.com/134111/geek-school-learning-windows-7-networking/)
    Wireless Networking (http://www.howtogeek.com/134227/geek-school-learning-windows-7-wireless-networking/)
    Windows Firewall (http://www.howtogeek.com/134374/70-680windows-7-windows-firewall/)
    Remote Administration (http://www.howtogeek.com/134679/geek-school-learning-windows-7-remote-administration/)
    Remote Access (http://www.howtogeek.com/134943/geek-school-learning-windows-7-remote-access/)

    And stay tuned for the rest of the series all this week.

    Event Logs

    Event logs are special files that record significant events on your computer, such as when a user logs on to your computer or when a program crashes. Event logs are very useful tools when you are troubleshooting an issue with your computer. You can use the Windows Event Viewer to read event logs; however, you will need to be an administrator on the machine in order to do so.

    Opening the Event Viewer

    To open the Event Viewer, click on Start and launch the Control Panel.

    Then head into the System and Security section.

    Here you will want to click on Administrative Tools.

    You can then open it by clicking on the Event Viewer shortcut.

    That's all there is to it.


    The Event Viewer displays events in several different logs. Windows Logs include:

    The Application Log: The application log contains events logged by programs; for example, it might be able to tell you why a particular program crashed.
    The Security Log: The security log records events such as valid and invalid logon attempts, as well as events related to resource use, such as the creating, opening, or deleting of files.
    The Setup Log: The setup log records events that add, remove or update a Windows feature. For example, an entry is logged every time you install a Windows Update.
    The System Log: The system log contains events logged by Windows system components. For example, if a driver fails to load during startup, an event is recorded in the system log.

    To view one of the Windows Logs, simply expand the Windows Logs Console Tree item and select the log you want to view.


    On the right-hand side you can see all the events that the log contains. There are three kinds of events:

    Errors: Indicated by the nasty red exclamation mark, errors indicate that there has been a fatal problem, such as a loss of data.
    Warning: Indicated by the yellow exclamation mark, warnings indicate that there has been a problem but the program can continue to function. They also serve as a notice that future errors could occur.
    Information: Indicated by the white exclamation mark, information events describe the successful operation of a program, driver, or service.

    Note: The security log doesn't use the above event levels and uses security audits instead.

    Filtering Logs

    Event logs contain thousands of events, and finding the information you need can sometimes be tricky. Provided you know what you are looking for, you can always use a log filter to filter out all the irrelevant information. Let's look at how we can use the Event Viewer to find out how long it takes our computer to start up (http://www.howtogeek.com/72420/how-to-use-event-viewer-to-find-your-pcs-boot-time/). The first thing you will need to do is open the Applications and Services Logs, then drill down into Microsoft and then Windows. Then find the Diagnostics-Performance folder and filter its Operational log file.

    Now create a filter for all Warning level events that have an Event ID of 100.

    Note: I only happen to know this information because I have needed to use it before. You should focus on how you would create a filter, not that the boot up event has an Event ID of 100.

    Once you click OK, you should only see warning level events.

    If you select one of the results and look at its contents you will see your boot time in milliseconds.

    Creating a Custom View

    If you know that every day you are going to connect to a server and apply a custom filter to view specific events, you might want to consider creating a custom view, which allows you to create your own pre-filtered log files. Creating a new custom view is exactly the same as creating a new filter: just right click on the log and select Create Custom View from the context menu.


    Then choose your filtering criteria. We will again go for warning level events with an event ID of 100.

    Then give your new custom view a name and click OK.


    Now you will have a nice, pre-filtered log.
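
The filter and the custom view described above both come down to one structured query (Warning level, Event ID 100), which can also be run from a script. This is an added example, not part of the original article; it assumes an elevated PowerShell session and that event 100 carries its total boot time in a data field named BootTime.

```powershell
# Added example: the Event Viewer filter from the article expressed as a query.
$logName = 'Microsoft-Windows-Diagnostics-Performance/Operational'

# The structured query Event Viewer builds for "Warning level, Event ID 100".
# Level 3 is Warning in the Windows event schema.
$query = @"
<QueryList>
  <Query Id="0" Path="$logName">
    <Select Path="$logName">*[System[(Level=3) and (EventID=100)]]</Select>
  </Query>
</QueryList>
"@

function Get-BootTimeEvents {
    param([string]$FilterXml, [int]$MaxEvents = 20)

    # Reading this log requires administrator rights, as the article notes.
    $events = Get-WinEvent -FilterXml $FilterXml -MaxEvents $MaxEvents -ErrorAction Stop

    foreach ($evt in $events) {
        # Read the event payload by field name from the event XML.
        $xml  = [xml]$evt.ToXml()
        $data = @{}
        foreach ($d in $xml.Event.EventData.Data) { $data[$d.Name] = $d.'#text' }

        New-Object PSObject -Property @{
            TimeCreated = $evt.TimeCreated
            Level       = $evt.LevelDisplayName
            # Assumption: 'BootTime' is the field holding total boot time in ms.
            BootTimeMs  = [int]$data['BootTime']
        }
    }
}

try {
    Get-BootTimeEvents -FilterXml $query |
        Sort-Object TimeCreated -Descending |
        Format-Table TimeCreated, Level, BootTimeMs -AutoSize
}
catch {
    # Get-WinEvent raises an error when nothing matches or the log is unreadable.
    Write-Warning "No matching events, or the log could not be read: $($_.Exception.Message)"
}
```

The same query text can be pasted into the XML tab of the Create Custom View dialog to get the identical pre-filtered view.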

    Limiting the Size of Your Log Files

    If you need to control the size of the log files, you can do so by right-clicking on a log and selecting Properties.


    Here you can change the size of the log file in KB; the default is 20MB.

    Note: The default is fine for most purposes.
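
The size limit decides how far back a log reaches, because a log in circular mode overwrites its oldest events once it is full. The following added example (not part of the original article) reports every enabled log that is close to its limit; the 90 percent threshold and the 64 MB value in the final comment are assumptions chosen for illustration.

```powershell
# Added example: list enabled logs, their size limit and how full they are.
function Get-LogCapacityReport {
    param([int]$WarnPercent = 90)

    # -ListLog returns one configuration object per log; logs the current
    # user cannot read are skipped silently.
    Get-WinEvent -ListLog * -ErrorAction SilentlyContinue |
        Where-Object { $_.IsEnabled -and $_.MaximumSizeInBytes -gt 0 -and $_.FileSize -ne $null } |
        ForEach-Object {
            $pct = [math]::Round(100 * $_.FileSize / $_.MaximumSizeInBytes, 1)
            New-Object PSObject -Property @{
                LogName     = $_.LogName
                MaxSizeKB   = [long]($_.MaximumSizeInBytes / 1KB)
                UsedPercent = $pct
                # Circular means the oldest events are overwritten at the limit.
                LogMode     = $_.LogMode
                NearLimit   = ($pct -ge $WarnPercent)
            }
        }
}

Get-LogCapacityReport |
    Where-Object { $_.NearLimit } |
    Sort-Object UsedPercent -Descending |
    Format-Table LogName, MaxSizeKB, UsedPercent, LogMode -AutoSize

# To raise a limit from an elevated prompt (the value is in bytes):
# wevtutil sl Security /ms:67108864
```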

    Resource Monitor

    The Windows 7 Resource Monitor provides a quick summary of overall CPU, disk, network and memory utilization in one easy-to-use interface. You can think of it as a more detailed version of Task Manager.

    To open Resource Monitor, press the Win + R keyboard combination to open a run box, then type resmon and press enter.


    The default window will appear with the Overview tab displayed. In the Overview tab, you can see the four monitored resources: CPU, disk, network and memory.

    The Resource Monitor is very useful for those times when your computer is running slow all of a sudden.

    Reliability Monitor

    Reliability Monitor is an advanced tool that measures hardware and software problems and other changes to your computer. To open the Reliability Monitor, press the Win + R keyboard combination to open a run box, then type perfmon /rel and press enter.


    You will be greeted with a large graph displaying the overall reliability of your system over the last week or so. You are given a system stability rating on a scale of 1 to 10, with 1 being the worst and 10 the best.

    As time goes by, you will notice the rating gets lower and lower on my machine, but you will also notice that there are two errors on the chart. To view the errors that occurred, simply select the day.


    In the above screenshot, you will see that a critical event, logged due to a power outage, significantly reduced the reliability of my system. It looks like there was another error earlier today. Let's check it out as well.

    It looks like another power outage. Looks like I need to invest in a UPS unit. As you can see, the Reliability Monitor can be extremely useful for tracking trends in system behavior.

    Performance Monitor

    The Windows Performance Monitor allows you to measure the performance of a local or a remote computer on the network, both in real time and by collecting log data for later analysis.


    Opening the Performance Monitor

    To open the Performance Monitor, press the Win + R keyboard combination to open the run dialog, then type perfmon and hit enter.

    Once the MMC console opens, expand the Monitoring Tools item in the Console Tree and select Performance Monitor.

    One of the great things about the Performance Monitor is that it allows you to graphically view real-time performance information. It does this through the use of performance counters. Performance counters are measurements of how something is performing at a given time, and performance counters can either be included in the operating system or be part of an application. One example of what a performance counter could measure is how much time the CPU spends responding to system requests, as seen below.

    To add a performance counter, simply click on the green add button.

    Then choose the performance counters you want to add by selecting them and clicking the add button.


    There are literally thousands of counters, but the ones I added above are the most important to remember for the exam. Here's a brief explanation of each one:

    Processor

    The following performance counters are useful for troubleshooting CPU issues and are available under the Processor section:

    % Processor Time: This shows you how much time the CPU spends responding to system requests.
    Interrupts/sec: This measures the average number of hardware interrupts received by the processor each second.

    Memory

    The following performance counters are useful for troubleshooting memory issues and are available under the Memory section:

    Available MBytes: This measures the amount of memory that is available to run processes on the computer.
    Pages/sec: This shows you the number of hard faults per second. Hard faults are page faults that require disk access.

    Physical Disk

    The following performance counters are useful for troubleshooting physical disk constraints and are available under the PhysicalDisk section:

    % Disk Time: This measures the amount of time the disk is busy because it is servicing read or write requests.
    Current Disk Queue Length: This shows you the number of outstanding disk requests that are waiting to be processed.

    Logical Disk

    The following performance counter is useful for troubleshooting logical disk constraints and is available under the LogicalDisk section:

    % Free Space: This shows you how much free disk space is available.

    Network Interface

    The following performance counter is useful for troubleshooting network issues and is available under the Network Interface section:

    Bytes Total/sec: This shows you the total number of bytes sent and received from your network interface across all protocols.

    Once you have added all your counters you can see all your data in real time.
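
The counters listed above can also be sampled from a script, which gives numbers to compare against later instead of a live graph. This is an added example, not part of the original article; it assumes an English-language Windows installation (counter names are localized), and the five samples at two-second intervals are arbitrary choices.

```powershell
# Added example: sample the article's counters and summarize them.
$counters = @(
    '\Processor(_Total)\% Processor Time',
    '\Processor(_Total)\Interrupts/sec',
    '\Memory\Available MBytes',
    '\Memory\Pages/sec',
    '\PhysicalDisk(_Total)\% Disk Time',
    '\PhysicalDisk(_Total)\Current Disk Queue Length',
    '\LogicalDisk(_Total)\% Free Space',
    '\Network Interface(*)\Bytes Total/sec'
)

function Measure-Baseline {
    param([string[]]$Counter, [int]$Samples = 5, [int]$IntervalSec = 2)

    # Each sample set contains one CounterSample per counter instance.
    Get-Counter -Counter $Counter -SampleInterval $IntervalSec -MaxSamples $Samples |
        ForEach-Object { $_.CounterSamples } |
        Group-Object Path |
        ForEach-Object {
            # CookedValue is the calculated, human-readable counter value.
            $stats = $_.Group | Measure-Object CookedValue -Average -Maximum
            New-Object PSObject -Property @{
                Counter = $_.Name
                Average = [math]::Round($stats.Average, 2)
                Maximum = [math]::Round($stats.Maximum, 2)
            }
        }
}

Measure-Baseline -Counter $counters |
    Sort-Object Counter |
    Format-Table Counter, Average, Maximum -AutoSize
```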


    Changing Where You Get Your Updates From

    While setting up a WSUS server is out of scope of the exam objectives, you certainly need to know how to set up a Windows 7 client to use a WSUS server. Normally, you will have at least ten clients by the time you are using WSUS, so it is best done through a GPO. So go ahead and press the Win + R keyboard combination to bring up a run dialog, then type gpedit.msc and press enter.

    Note: Remember that we are setting up a GPO on one Windows 7 client. Usually this is done on a central server and linked to an OU that contains the machines in your organization so that you don't have to go around to each machine and tell them to use WSUS.

    Then drill down to:

    Computer Configuration\Administrative Templates\Windows Components\Windows Update


    Then double click on the Specify intranet Microsoft update service location setting on the right hand side.

    Then you will need to enable the policy and enter in the URI of the WSUS server.


    That's all there is to it.
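
Once the policy is enabled, its values can be read back from the registry to confirm what the client will actually use. This added example (not part of the original article) reviews those values and flags a WSUS URL that does not use HTTPS, since update traffic sent over plain HTTP is not protected in transit.

```powershell
# Added example: read back what the "Specify intranet Microsoft update service
# location" policy wrote to the registry and review it.
$wuKey = 'HKLM:\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate'
$auKey = Join-Path $wuKey 'AU'

function Test-WsusClientPolicy {
    $findings = @()
    $wu = Get-ItemProperty -Path $wuKey -ErrorAction SilentlyContinue
    $au = Get-ItemProperty -Path $auKey -ErrorAction SilentlyContinue

    if (-not $wu -or -not $wu.WUServer) {
        $findings += 'No intranet update service is set; the client uses Microsoft Update.'
    }
    else {
        # The URL only takes effect when UseWUServer is 1.
        if (-not $au -or $au.UseWUServer -ne 1) {
            $findings += 'WUServer is set but UseWUServer is not 1, so the URL is not in effect.'
        }
        foreach ($name in 'WUServer', 'WUStatusServer') {
            $url = $wu.$name
            if (-not $url) {
                $findings += "$name is empty."
            }
            elseif ($url -notmatch '^https://') {
                $findings += "$name ($url) does not use HTTPS; update traffic is not protected in transit."
            }
        }
        if ($wu.WUStatusServer -and $wu.WUStatusServer -ne $wu.WUServer) {
            $findings += 'WUStatusServer differs from WUServer; confirm this is intended.'
        }
    }

    New-Object PSObject -Property @{
        WUServer       = $wu.WUServer
        WUStatusServer = $wu.WUStatusServer
        UseWUServer    = $au.UseWUServer
        Findings       = $findings
    }
}

$report = Test-WsusClientPolicy
$report | Format-List WUServer, WUStatusServer, UseWUServer
if ($report.Findings.Count -eq 0) { 'Policy looks consistent.' } else { $report.Findings }
```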

    Changing Windows Update Settings

    Note: If you are using WSUS, you are likely to edit these settings through Group Policy, rather than on each client as shown below.

    Open the Start Menu and click on the Windows Update item.


    Here you will see a Change settings link on the left hand side.

    From this centralized location you can change nearly every aspect of Windows Updates.


    One thing to be aware of is that you can change the Windows Update behavior using the drop down list.

    Summary

    It has been a long one, so here's a short summary:

    The Windows Event Viewer allows you to view log files which contain important information about events that have occurred on your PC.
    Resource Monitor is a more verbose version of Task Manager that allows us to view detailed information about what is currently happening on your machine.
    The Reliability Monitor allows you to easily identify trends that are reducing the reliability of your PC.
    The Windows Performance Monitor allows you to view custom performance information in real time as well as view performance data that has been tracked over a period of time.
    Windows Updates allow your PC to stay up to date with the latest security patches. While you might use the out-of-the-box Windows Update configuration in very small businesses, WSUS and Group Policy are the way to go.

    Homework

    Learn about and set up event subscriptions using two Windows 7 virtual machines.

    Learn how to use Data Collector Sets to track performance information over time using the Performance Monitor.

    In addition to today's homework, you should read the following posts and get familiar with the little tips and tricks you can use to improve your computer's performance. These are also part of the exam objectives.

    Read Chris Hoffman's awesome post on the Windows Page File (http://www.howtogeek.com/126430/htg-explains-what-is-the-windows-page-file-and-should-you-disable-it/).
    Learn how to improve your computer's performance using ReadyBoost (http://www.howtogeek.com/123780/htg-explains-is-readyboost-worth-using/).
    Learn how you can disable startup programs using MSConfig (http://www.howtogeek.com/74523/how-to-disable-startup-programs-in-windows/).
    Learn how you can evaluate your computer's power efficiency using powercfg (http://www.howtogeek.com/howto/7638/use-powercfg-in-windows-7-to-evaluate-power-efficiency/).
    Read up on how to switch power plans in Windows 7 (http://www.howtogeek.com/howto/9090/learning-windows-7-manage-power-settings/).

    If you have any questions you can tweet me @taybgibb (https://twitter.com/taybgibb), or just leave a comment.