Performance Logs and Alerts collects counter data in the background. It can be scheduled to start and stop automatically and is the ideal tool to collect data over an extended period.

The log files can be stored in binary or text CSV or TSV format. System monitor can display the data in a binary log. CSV or TSV logs can easily be imported into spreadsheet and database programs. Once in a spreadsheet program, it is easy to do trend analysis with the data to help plan for the future.

The size of the log file depends on

• Number of object being monitored
• Update interval time
• Duration

To estimate the log file size, determine how much it grows over a short period of time and then extrapolate to the complete duration.

Alerts

Alerts involve specifying a counter, establishing a threshold, and specifying what to do when the threshold is exceeded. It is difficult to establish a threshold for statistics that have periodic spikes such as CPU or network utilization.

Counter Log

To establish a counter log, select objects and/or counters to be monitored as shown in the following dialog.

The following dialogs show how to;

• Specify the log file name, location, and format.
• Schedule the start and stop times for the data collection.

Trace Logs

Trace logs collect data based on events rather than time intervals. Examples of events are a page fault or the receipt of a TCP/IP packet. Interpreting trace logs requires a specialized program like TRACEDMP.EXE from the Resource Kit. Unfortunately, this command line utility is not very easy to use.