The Processes tab is probably the most useful. Here you can see the list of running processes, how much memory and CPU each process is using, the user account the process is running under and more. The Performance tab gives some nice charts of CPU utilization. You can also see total memory, kernel memory, etc. A low amount of Free memory is not a bad thing — it often means Windows is using your RAM to cache parts of the hard disk, thus speeding up many operations.
If the RAM is needed, the caches will give it back. One of the best kept secrets, the Resource Monitor, is also accessible from here. Have you ever been using a computer or server and noticed it get really sluggish? Sometimes you can hear the disk thrashing and know that some process is busier than you want it to be.
Start the Resource Monitor and click the Disk tab. Looking at the file names will sometimes give a hint about whether the process is doing a backup, writing to a log file, or some other activity. Performance Monitor is a real gem on Windows, and many IT folks would benefit by becoming more comfortable with it. The operating system publishes many useful stats here active database connections, active HTTP connections, CPU usage, time per disk read, network usage, process memory, etc.
In addition, other application providers can also include stats, and most all? When you first start perfmon. Also note that Perfmon can connect to other computers on your network and display their counter values.
The Services applet services. Right click a service and go to Properties. Here you can tell Windows what it should do if the service stops unexpectedly crashes. Restarting the service is often a good option. It shows a wealth of information about problems that might be happening on a server, including hardware errors, server restarts and more. If you have a blue screen, a server hang, or an application misbehaving, look in the Event Log first.
PsExec can be very handy in many situations. Unix has its cron, and Windows has Task Scheduler. Task Scheduler can be found in Administrator Tools, or started via taskschd. From the screenshot, you can see that various companies Google and Adobe for example will create scheduled tasks so their applications are launched periodically for some background processing.
Windows itself has many tasks it uses. And of course, you can easily create your own. Or run a periodic database cleanup script. Or to check for updates. To see connections along with the process that created them, run netstat —b. To see current connections as well as ports that are listening for incoming connections, run netstat —ab as shown below:. Note that the process involved with the port is shown below the port information.
So mysqld is listening on port , not If you ever need to see network packets entering and leaving a computer, look no further than Wireshark.
This is a fantastic free SysAdmin tool that will capture every packet, and even better, break each one down into its appropriate protocol headers and content. Routing issues, slow network applications, DNS resolution problems -- a network administrator has to deal with a host of network nuisances on a daily basis. How do you survive when you're constantly under the gun to fix the problems? Like any other professional, you need a solid set of tools. Not surprisingly, plenty of options exist in the open source camp.
Excellent open source software tools are available to help you keep a close watch over your network, as well as meet many other needs of the busy network manager. From monitoring, troubleshooting, and security analysis tools to utilities for keeping track of IP allocations, passwords, and router configurations, here are my top 10 picks of the most essential open source tools for our network admin toolbox -- all free for the downloading.
This is by no means an exhaustive list of open source networking utilities available, and I've merely touched on their capabilities. Go Up. Netwrix Blog. Wireshark and Microsoft Message Analyzer Wireshark is a well-known network traffic monitoring tool. You can use Microsoft Message Analyzer in a variety of scenarios: Capture network traffic for security review. You can capture and save all the network traffic on a network segment so you can analyze it to identify potentially malicious packets.
Troubleshooting application issues. Some applications, such as Skype, use a variety of ports and protocols to provide different communication services. If server application cannot communicate with clients, Message Analyzer can capture the communication attempts and potentially identify the issue that is blocking them. Troubleshooting network and firewall configuration You can use Message Analyzer to capture the communication between network hosts.
If a network host does not receive an anticipated response, you can determine where the communication is failing and potentially pinpoint the network or firewall configuration that is preventing the response. Clonezilla Clonezilla is free, open-source tool designed to clone disks and individual hard disk partitions, as well as facilitate system backup and disaster recovery.
Tools from the Sysinternals Suite The Sysinternals Suite is used for troubleshooting problems and investigating security breaches on computers running Microsoft operating systems. Here are the most popular free tools from this suite: System Monitor Sysmon System Monitor Sysmon is a system service that you can install on any computer running a Windows system.
Creation of a new process Event ID 2. Creation of a new file Event ID 3. New network connection detected Event ID 5. Process ended Event ID 6. Driver loaded Event ID 7. Image loaded Event ID 8. Remote thread creation detected Installing Sysmon on a server or other computer in a Windows environment will increase the number of events written to the event log, which can have its downsides.
AccessChk You can use the AccessChk tool to determine what permissions are assigned to users and groups, including group-managed service accounts, for the following resources: Files Directories Registry keys Global objects Windows services AccessChk is also useful for checking whether the security settings on files and directories are set properly.
Autoruns You can use Autoruns to determine which applications are configured to start automatically when a computer boots up or a user logs on. Process Explorer The Process Explorer tool enables you to view the files and directories that a specific process has opened. Process Monitor Process Monitor provides systems administrators with real-time information about file systems, the registry, processes and thread activity.
Process Monitor enables you to perform the following tasks: Capture the details of processes, including image path, command line, user and session ID, and network utilization Capture the details of services, including file and network utilization Determine which registry keys applications are using to store data Log gigabytes of data around captured events Log all operations at boot time Use filters to search certain data 6.
Other features that improve the editing experience include: Autosave Find and replace of strings of text with regular expressions Macros Multi-editing Split-screen editing and synchronized scrolling Line operations, including sorting, conversion between uppercase and lowercase, and removal of redundant whitespace 8. Netwrix Account Lockout Examiner Netwrix Account Lockout Examiner is a free tool that enables IT administrators and help desk staff identify lockout root causes in a single keystroke.
Reduce the pressure on your help desk Ensure service desk pros have all the lockout details they need at their fingertips. Process Hacker Earlier, we explained why Process Explorer from the Sysinternals Suite is a good system administrator software solution for working with processes. Learn how you can reach millions of IT pros. Want to get direct insight from IT decision makers? Deliver content IT buyers love. Get your free Spiceworks Vendor Page. Log in to download Spiceworks. Log In Log In Forgot your password?
We'll set you up with app access and notifications. An account already exists for this email but the password was wrong. Try correcting the password or use a different email. Email This will be your username Looks good! A valid email is required to verify your Spiceworks account. Password Create a strong password Perfect! Not quite No spaces. Must include at least 8 characters and 1 upper case letter.
0コメント