Chapter 5 -- Event Logging

Chapter 5

In Chapter 3, the Service API was described as one of the features that separates a file server from an application server, since it has the ability to reliably run applications on the server without the intervention of a user . Event logging can help applications that are written using the Service API to operate reliably. It allows service applications to record activities that might not be witnessed by an end user.

When an application uses event logging, the information saved can be read in a reliable way from either the machine on which the event took place orwith proper authorityfrom a remote machine. Figure 5-1 shows the Windows 2000 Event Viewer displaying the system log.

click to view at full size.

Figure 5-1 Viewing the system event log on Windows 2000.

The left pane of the Event Viewer contains a tree showing all of the possible event logs that can be viewed . The right pane contains the events of the currently selected log, in this example the system log. In addition to some text information on the messages, icons indicate the severity of the event: Informational, Warning, or Error. If you double-click one of the messages, the details of the event are displayed in a dialog, as shown in Figure 5-2.

Figure 5-2 Viewing the details of a system event on Windows 2000.

One problem with logging events that are handled by the event log on Windows 2000 is having to deal with an ever-growing file. Notice that in Figure 5-1 the event count on the frame indicates 1189 events in the log. This is not a terribly busy serveryou could expect a very busy server to generate a lot more messages. If the number of messages is allowed to grow unchecked, the event log could quickly overtake the entire hard disk. Let's take a look at the Event Viewer main screen. If you right-click one of the logs in the left pane and select Properties from the context menu, you are presented with a dialog like that in Figure 5-3.

This dialog displays information on the location and current size of the selected log and allows you to set the size of the log. More important, the behavior of the logas far asreuse of spacecan be configured. The radio button group in the dialog presents three options: Overwrite Events As Needed allows the log to grow to the specified size and then overwrite the oldest events as needed. Overwrite Events Older Than n Days allows events older than the specified number of days to be overwritten automatically. Do Not Overwrite Events (Clear Log Manually) prevents events from ever being overwritten, implying that the administrator is required to clear the event log manually, perhaps after backing it up.

Figure 5-3 Viewing the properties of a system log on Windows 2000.

The event log is perhaps one of the most underutilized features of Windows 2000. Part of the problem is that the key event that might help resolve a system problem is buried in the myriad innocuous messages commonly found in the event log. For instance, one user reported to me that his machine was locking up for no apparent reason. Dialing into the network, I was able to connect to the remote log. By using information about the date and time of several lockups, I was able to determine that the system had reported an overheating problem at approximately the time of the error. I requested that the user vacuum the vents in the front and back of the machine. This resolved the issue, leaving him to wonder what magic allowed me to see the dust without ever leaving my house.

In the same dialog as shown in Figure 5-3, there is another tab named Filter . That tab, shown in Figure 5-4, allows you to select event log records using a number of criteria, including date and time, severity type, and so forth.

Figure 5-4 The Filter tab of the System Log Properties dialog.

You've seen that you can automate the management of the event log and view the log from remote machines. In addition, the event log is designed from the ground up to work with multiple languages. The base text of a message is retrieved by the event log as a resource and can be localized for any supported language.



Inside Server-Based Applications
Inside Server-Based Applications (DV-MPS General)
ISBN: 1572318171
EAN: 2147483647
Year: 1999
Pages: 91

flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net