Permissions for Counter Logs, Trace Logs, and Alerts

 < Day Day Up > 



To create or modify a log or alert, you must have Full Control permission for the registry entry HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services \SysmonLog\LogQueries. Administrators are assigned this permission by default, and they can grant this permission to users in Regedit.exe.

To run the Performance Logs and Alerts service, you must have permission to configure or start services on the system. Administrators are assigned this permission by default and can grant this permission to others using Group Policy. (The built-in groups Performance Log Users and Performance Monitor Users are useful for this.) To log data for a remote computer, the Performance Logs and Alerts service must run under an account that has access to that remote system. The service runs in the background after a log or alert is configured and running.

start sidebar
Real World

Tuning and Testing Strategies

Before starting System Monitor or Performance Logs and Alerts on the computer you are monitoring, turn off screen savers and stop services that are not essential to monitoring the system. Other best practices include the following:

  • Set up Performance Logs and Alerts to monitor and report data on counters at regular intervals, such as every 10 to 15 minutes.

  • Make only one change at a time. Bottlenecks can be caused by one component, or they can be the result of a series of faults. Making multiple changes at once can make it impossible to assess the impact each change has on the system.

  • Keep a record of changes you make, and repeat the monitoring process after every change. Changes can affect other resources, and keeping records helps to determine the effect of each change and whether additional changes are necessary.

  • Compare programs that run over the network against those that run locally. This tells you whether network components might be playing a part in performance problems.

  • Pay regular attention to event logs. Some performance problems generate output into Event Viewer.

  • When logging data through Performance Logs and Alerts, exclude times that include start-up events. Start-up events tend to skew overall performance results because they show temporarily high values.

end sidebar



 < Day Day Up > 



Microsoft Windows Small Business Server 2003 Administrator's Companion
Microsoft Windows Small Business Server 2003 Administrators Companion (Pro-Administrators Companion)
ISBN: 0735620202
EAN: 2147483647
Year: 2004
Pages: 224

flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net