10.12 Antivirus monitoring

Previous page
Table of content
Next page
monitoring and managing microsoft exchange 2000 server
Chapter 10 - Monitoring Exchange
Monitoring and Managing Microsoft Exchange 2000 Server
by Mike Daugherty  
Digital Press 2001
 

10.14 Using event logs

All Windows applications, including Exchange, record errors and events into the application event log on the server. The Windows 2000 Event Viewer is therefore the first place to look when you have an Exchange problem. You should also regularly check the event logs for informational and warning entries that might provide advance warning of an impending problem.

10.14.1 Configuring diagnostic logging

By default, Exchange automatically logs only critical Exchange events and errors. However, you can easily change the type of events that are logged for the Exchange services in order to gather additional information needed to diagnose problems. You must configure diagnostic logging separately for each server.

You can use the following procedure to set the logging level for Exchange services:

  1. Start the System Manager from the Windows 2000 Start menu by selecting Programs   Microsoft Exchange   System Manager.

    Note 

    By default, administrative groups and routing groups are not displayed. If you have not already enabled these, right-click on the Exchange organization and select Properties to display the organization properties. Select the Display administrative groups check box to allow the administrative groups to be displayed and select the Display routing groups check box to display the routing groups. You must restart the Exchange System Manager after enabling display of administrative groups and routing groups.

  2. Expand the Administrative Groups section.

  3. Expand the administrative group (e.g., First Administrative Group ) that contains the server you want to monitor.

  4. Expand the Servers section.

  5. Right-click on the server, and select Properties (Figure 10.24).

    click to expand
    Figure 10.24: A server Properties window

  6. Select the Diagnostics Logging tab.

    In the Services list, select one of the services listed in Table 10.5 for which you want to log events.

    The exact list of services displayed in the Services list will vary depending upon the Exchange components that you have installed on the server. For example, if you have installed the Microsoft Mail Connector or the Lotus cc:Mail Connector, additional services will appear in the list. When you select a service from the Services list, Exchange will display a list of categories associated with the selected service.

  7. In the Categories list, select a category for which you want to log events, and then select one of the following Logging levels :

    • None . This logging level records only critical events and errors. Under normal circumstances, the log level should be set to None for all Exchange services. When investigating a problem, you can increase the diagnostic logging level for the service being investigated.

    • Minimum . In addition to critical events and errors, this logging level records a single entry for each major task the service performs . You can use this logging level to help determine that source of problems.

    Table 10.5: Diagnostic Logging Services

    Service

    Description

    IMAP4Svc

    Microsoft Exchange IMAP4

    LME-GWISE

    Microsoft Exchange Connector for Novell GroupWise

    LME-NOTES

    Microsoft Exchange Connector for Lotus Notes

    MSADC

    Active Directory Connector

    MSExchangeAL

    Microsoft Exchange Address Lists

    MSExchangeCCMC

    Microsoft Exchange Connector for Lotus cc:Mail

    MSExchangeDX

    Microsoft Exchange Directory Synchronization

    MSExchangeFB

    Microsoft Schedule Plus Free-Busy Connector

    MSExchangeGWRtr

    Microsoft Exchange Router for Novell GroupWise

    MSExchangeIS

    Microsoft Exchange Information Store

    MSExchangeMSMI

    Microsoft Mail Connector Interchange

    MSExchangeMTA

    Microsoft Exchange MTA Stacks

    MSExchangeSA

    Microsoft Exchange System Attendant

    MSExchangeSRS

    Microsoft Exchange Site Replication Service

    MSExchangeTransport

    Microsoft Exchange SMTP Transport

    POP3Svc

    Microsoft Exchange POP3

    • Medium . In addition to the events recorded at the minimum logging level, this level records an entry for each step taken to run a task. Once you have identified the major task that is the source of a problem, you should use the medium logging level to gather additional information.

    • Maximum . In addition to the events recorded at the medium logging level, this level records an entry for each line of code in the service. This logging level provides a very detailed list of events, but creates a large amount of data and can affect server performance.

  8. Select OK when done. Events will be recorded in the Event Viewers application log.

10.14.2 Viewing event logs

You can view the Exchange log entries by using the Windows 2000 Event Viewer. Event Viewer maintains several separate logs, including an Application Log, Security Log, System Log, Directory Service Log, and File Replication Service Log. Exchange informational, warning, and error events are recorded in the Application Log. For each log file, you can configure the maximum size , how long to save entries, and whether to automatically overwrite existing events when the log file becomes full. Overwriting log files is not recommended. Instead, you should periodically archive the logs and then clear the old entries to avoid running out of disk space.

You can use the following procedure to view Exchange events recorded in the Application Log:

  1. Start the Event Viewer from the Windows 2000 Start menu by selecting Programs   Administrative Tools   Event Viewer.

  2. Select Application Log in the Event Viewers tree pane (i.e., the left pane of the window). The Event Viewer will display application log events in the details pane. This includes events recorded by Exchange services as well as events recorded by other applications. You can sort the events by selecting the column heading. An up or down arrow will appear in the sort column heading to indicate whether the events are sorted in ascending or descending order.

  3. You can filter the log file to show entries for a specific service by selecting Filter from the View menu. Use the Event Source drop-down list to select one of the Exchange services.

  4. You can view the details for an event by double-clicking on the log entry.

 

Previous page
Table of content
Next page
Monitoring and Managing Microsoft Exchange 2000 Server
Monitoring and Managing Microsoft Exchange 2000 Server (HP Technologies)
ISBN: 155558232X
EAN: 2147483647
Year: 2000
Pages: 113
Authors: Mike Daugherty
BUY ON AMAZON
C++ How to Program (5th Edition)
C & Data Structures (Charles River Media Computer Engineering)
Competency-Based Human Resource Management
The New Solution Selling: The Revolutionary Sales Process That Is Changing the Way People Sell [NEW SOLUTION SELLING 2/E]
An Introduction to Design Patterns in C++ with Qt 4
MPLS Configuration on Cisco IOS Software
flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net
Privacy policy