Performance Monitoring with Logman

Microsoft Windows provides a free built-in utility called Logman that monitor performance counter through command line. If you are upset about the user unfriendly perfmon (check out this post to automate perfmon scheduling), or like to have ease with command line to monitor multiple servers, Logman probably is what you need.

First here is the syntax verbs,

Logman [create {counter | trace} collection_name ] [start collection_name] [stop collection_name] [delete collection_name] [query {collection_name|providers}] [update collection_name]

You can find more information about Logman here at Microsoft TechNet.

create Creates counter or trace collection
start Start the collection. Use with update parameter with begin time (-b), end-time (-e) or repeat time (-rt)
stop Stop the collection. Use with update parameter with begin time (-b), end-time (-e) or repeat time (-rt)
delete Delete the collection
query Display collection name / provider (or all the existing) collection queries. Use (-s) for report computer
update Update collection queries for counter and trace collection, or modify schedule.

Here are some of the syntax option,

-s computer_nameDefault as local system. Use this option to point to remote system to perform operation
-config FileName Path name of setting file contains command line parameter
-b M/d/yyyy h:mm:ss [AM | PM]Begin time with 24-hour format. Use AM/PM for 12-hour format.
-e M/d/yyyy h:mm:ss [AM | PM]End time with 24-hour format. Use AM/PM for 12-hour format.
-m start stop Manually start and stop the collection. Cannot use together with -b / -e parameter.
-r Repeat the collection at daily period
--r Turn off repeat
-o { Path | DSN!counter_log }Output file path. Use DSN!counter_log format for SQL database. DSN is the database system name (instance\database). Dataset counter_log would be created in the database.
-f { bin | bincirc | csv | tsv | SQL } File format. Use along with -o. bincirc as circular binary.
-a To append file
--a Turn off append, and revert to overwrite
-v { nnnnn | mmddhhmm } : Attach version control information with numeric format or date month.
--v Turn off version control.
-max value Specifying maximum size of log file in megabytes
--max turn off max size setting
-cnf [[hh:]mm:]ss Create new file when specified time elapses or exceed maximum size (-a). Must use with -v option.
-c { Path [path ... ] | -cf FileName } Specifying performance counter path with general format, [\\Computer]\object[parent/instance#index]\counter]. Or refer to the file name contains list of counters.
-si [[hh:]mm:]ss Sample interval. Default is 15 seconds.
-u user password Specify account name and password to run the collection. Use * in password line to prompt for password.
--u Reset to performance logs service account
-rt [[hh:]mm:]ss Running period of the collection
/? Display help

So here are some sample,
Let's say I want to create a counter named 'Test_Log' that collect logical C: drive free disk space in megabytes, all processor time and processor queue length from a remote server 'Test_Server' with interval 15 seconds from 10AM to 10PM everyday and run he counter under doman\myuser login and save it to my local D:\Test folder in bin file. Here is the command,

Logman create counter Test_Log -b 9/19/2012 10:00:00 -e 9/19/2012 22:00:00 -si 00:15 -r -v mmddhhmm -c "\\Test_Server\LogicalDisk(C:)\Free Megabytes" "\\Test_Server\Processor(*)\% Processor Time" "\\Test_Server\System\Processor Queue Length" -f bin -o "D:\Test" -u "domain\myuser" "myuserpassword"

To see the details of this collection,
Logman query Test_Log

To see all the collections status,
Logman query

To delete this collection
Logman delete Test_Log

To change the detail of this collection, let's say change the begin time to 8AM.
Logman update Test_Log -b 9/19/2012 8:00:00 -u "domain\myuser" "myuserpassword"

Please note that if you are adding/changing some collection counters, you still need to include all the other existing counters.

However, one cool feature of logman is it allows you to point to a counter configuration file so you don't have to type it all again. Here is an example,
- Create a text file at C:\Test_Counter_Conf.txt
- Include all counters in the text file with one counter per line. Like this,

\\Test_Server\LogicalDisk(C:)\Free Megabytes
\\Test_Server\Processor(*)\% Processor Time
\\Test_Server\System\Processor Queue Length

- Save the file. In command prompt,

Logman create counter Test_Log -b 9/19/2012 10:00:00 -e 9/19/2012 22:00:00 -si 00:15 -r -v mmddhhmm -cf "C:\Test_Counter_Conf.txt" -f bin -o "D:\Test" -u "domain\myuser" "myuserpassword"

It creates the same collection like the previous one. How cool is that! It works for update command as well.

If you don't feel like typing all these in command prompt (I know, I know), you can even use a configuration file. Here is how you do it,
- Create a text file at C:\Test_Configuration.txt"
- Include command in square bracket and the value in a new line. Like this,

[create]
counter

[n]
Test_Log

[b]
9/19/2012 10:00:00

[e]
9/19/2012 22:00:00

[si]
00:15

[r]

[v]
mmddhhmm 

[c]
\\Test_Server\LogicalDisk(C:)\Free Megabytes
\\Test_Server\Processor(*)\% Processor Time
\\Test_Server\System\Processor Queue Length

[f]
bin

[o]
D:\Test

[u]
domain\myuser
myuserpassword

(Take me a while to find out the n is used for the collection name)
- And then in command prompt,
Logman -config "C:\Test_Configuration.txt"

It creates the same collection like the example above. Cooool!

Google+