
It’s easy to lose track of what’s happening on a Windows server, particularly when something goes awry. There are hundreds of processes, scheduled tasks, rules, handles, and privileges going on at the same time. The more you know about the goings on of the computers you’re responsible for (whether Windows, Linux, or any other operating system), the easier it is to fix if things go south.

Fortunately, you have help. There are many command-line utilities for Windows systems (desktop and server), as well as small, official tools that help you get a grip on what’s going on at all times. In this article, I introduce you to some you should know about. These may not surprise you if you’re an experienced Windows admin but can serve as a checklist for your fix-it toolbox.

I share both free tools and PowerShell or CMD command-line commands. Naturally, the options extend far beyond my list here. When you don’t want to or (feasibly) can’t get local access to your server, turn to remote tools including WinRS/WinRM or PowerShell remoting, or stick to options such as remote desktop solutions.

Microsoft's Autoruns has been on my list of tools for more than 15 years now. It gives you a complete overview of all processes that run at Windows startup (whether server or client) and all scheduled tasks, services, drivers, Winsock providers, DLLs, and more. Once a month, I go through the exhaustive list of items and hunt for new entries (Why is it here? Where is it coming from? Do I need it?). I also look at entries marked in yellow or red (the items that try to launch a nonexistent file, usually a good source for troubleshooting). In particular, third-party services and scheduled tasks get my full attention. I want my server to run as cleanly as possible.

Big plus: The recent versions allow you to check any file for any form of malware, known and especially unknown, using VirusTotal.

One of the most fascinating things to observe on your server, and a great way to troubleshoot problems or performance issues, is Process Monitor, which displays a live view of all file, process, and registry activity. In just 10 minutes, my Windows server recorded 8 million events. Things can get quite wild, as Process Monitor lists every single event or process.
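The monthly Autoruns review described above (new entries, plus entries that point at a nonexistent file) can be partly scripted for services and scheduled tasks. The following PowerShell is an added example, not code from the article or from Autoruns; the folder `C:\Baselines` and the function names are assumptions made for illustration.

```powershell
# Added example: snapshot services and scheduled tasks, flag missing targets,
# and list entries that are new since the previous run.
$dir      = 'C:\Baselines'   # hypothetical folder for the snapshots
$current  = Join-Path $dir 'autostart-current.csv'
$previous = Join-Path $dir 'autostart-previous.csv'
New-Item -ItemType Directory -Path $dir -Force | Out-Null

function Get-TargetPath([string]$Command) {
    # Pull the executable out of a command line, quoted or unquoted.
    if ([string]::IsNullOrWhiteSpace($Command)) { return $null }
    $c = [Environment]::ExpandEnvironmentVariables($Command.Trim())
    if ($c -match '^"([^"]+)"') { return $Matches[1] }
    if ($c -match '^(.+?\.(exe|dll|sys|cmd|bat|ps1))(\s|$)') { return $Matches[1] }
    return ($c -split '\s+')[0]
}

function Test-TargetMissing([string]$Path) {
    if (-not $Path) { return $false }
    # Rooted paths are checked on disk; bare names (e.g. cmd.exe) via PATH lookup.
    # Unusual path forms can produce false hits, so treat results as leads to verify.
    if ($Path -match '^([A-Za-z]:|\\)') { return -not (Test-Path -LiteralPath $Path) }
    return -not (Get-Command $Path -ErrorAction SilentlyContinue)
}

function New-Entry($Type, $Name, $Command) {
    $target = Get-TargetPath $Command
    [pscustomobject]@{ Type = $Type; Name = $Name; Command = $Command
                       Target = $target; Missing = (Test-TargetMissing $target) }
}

$entries = @(
    Get-CimInstance Win32_Service | ForEach-Object { New-Entry 'Service' $_.Name $_.PathName }
    Get-ScheduledTask | ForEach-Object {
        $task = $_
        # Only exec actions carry an Execute property; COM handler actions are skipped.
        $task.Actions | Where-Object { $_.Execute } | ForEach-Object {
            New-Entry 'Task' ($task.TaskPath + $task.TaskName) ("$($_.Execute) $($_.Arguments)").Trim()
        }
    }
)

# Rotate the snapshots so the last run becomes the baseline to compare against.
if (Test-Path $current) { Move-Item $current $previous -Force }
$entries | Export-Csv $current -NoTypeInformation

Write-Host 'Entries whose target file was not found:'
$entries | Where-Object Missing | Format-Table Type, Name, Target -AutoSize

if (Test-Path $previous) {
    Write-Host 'Entries that are new or changed since the previous snapshot:'
    Compare-Object (Import-Csv $previous) (Import-Csv $current) -Property Type, Name, Command |
        Where-Object SideIndicator -eq '=>' | Format-Table Type, Name, Command -Wrap
}
```

Run it from an elevated PowerShell session so that all scheduled tasks are visible. It covers only services and scheduled tasks, so the remaining Autoruns categories (drivers, Winsock providers, DLLs) still need the manual pass.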
