시스템 장애가 발생하였을 때 시스템 구성 및 로그 분석을 위해 MPS_Reports 를 사용하게 됩니다.
설치와 성능 문제와 관련된 정보를 캡처하는 Setup Edition (Mpsrpt_setupperf.exe) 패키지에는 과연 어떠한 데이터를 수집하게 되는지 살펴보고자 합니다. 하나씩 일일이 열어 봤습니다. ㅡ.ㅡ;;;;
주요 수집 항목에 대해서 빨간색 코멘트를 부여 하였습니다.
REPORTS GATHERED:
=================
AppCompatFlags
Copy of the regitry entries for App Compatibility.
ADDiag.txt
If machine is a DC then this will have the result from the Diags.
Application.evt
Application Event log EVT format.
응용 프로그램 이벤트 로그
Application.txt
Application Event log TXT format.
Boot_ini.txt
Copy of the Boot.ini file.
/PAE, /3GB 옵션 확인
Comsetup.log
Copy of Com+ Setup Log file.
COM+ 구성요소 설치 로그
DBerr.txt
Copy of the SP Catalog logging file.
Devcon.txt
PNP Information for all Devices in the machine.
Diskmap.txt
Low level look at MBR, and PBS.
Cylinders HeadsPerCylinder SectorsPerHead BytesPerSector MediaType
DMDiag.log
Dynamic Disk Log.
동적 디스크 구성, 컴퓨터 이름, OS 버전
DOSDevices.txt
Hardware PCI Information.
DriverQuery.txt
Tells if the installed Drivers are signed or not.
Drivers.csv
Comma Seperated file of a checksym of the drivers.
Drivers.txt
Text file of a checksym of the drivers.
드라이버 목록(버전, 설명, 사이즈, 경로)
Drvman.txt
Output of Drvman.exe for printer driver information installed.
설치된 프린터 드라이버 정보
DrWatson.log
Bottom few logs from the Dr. Watson Log file.
Filters.txt
List of the Upper and Lower filters installed.
FTDMPNT.txt
Diskprobe look of MBR and PBS of each drive.
GPResult.txt
Log from a run of the GP Result command to tell which policies were applied to the machine.
GroupPolReg.txt
Copy of the Group Policy Registry Key.
HCUpdate.log
Hardware Compatibility Update Log.
Hotfixes.txt
Registry entries for the hotfixes applied to the machine.
설치된 hotfix 계정과 날짜, 드라이브 사용량, 서비스/서비스 드라이브 실행/중지 상태, 시스템 가동 시간
HyperThread.txt
File that tells if the processors in the machine are HyperThreading capable.
logical, physical processor
IELocation.txt
Copy of the registry entry of the install point of IE.
IIS*.log
IIS Log file for whichever version is installed on the machine.
IIS 설치 로그
ImageFileExecutionOptions.hiv
Copy of the Image File Execution Options registry key.
Internet_Settings_Key.txt
Registry entries for the Internet Settings information provided through IE.
IE 설치 정보(레지스트리 설정값)
InternetExplorerReg.txt
Copy of all the necessary keys for IE in the registry.
MICS.txt
환경변수, RDP 세션, Processor 모델 정보, 현재 시간
MountedDevices.txt
Copy of the Mounted Devices Key from the registry.
MoundedDevices.hiv
Copy of the Mounted Devices Key from the registry.
Net.txt
Networking information file.
공유폴더 정보
NetSetup.log
Log of events when joining a domain.
워크그룹명, 도메인 조인 내역
NI.txt
Network Statistics log.
IP, Route Table, 공유폴더 세션 사용자, 서버/워크스테이션 사용 통계
NtBtLog.txt
If boot logging enabled this is the log file for it.
Ocgen.log
OEMINF.log
C:\Windows\inf 폴더 데이터 파일명
Perf_All_INI.txt
All Perf Counter INI file.
Perf_SC.txt
SC.EXE output for Perf devices.
서비스 실행 상태
PerfIni.txt
Copy of Perf.ini for Counters file.
system32 driver name
Pfsys.txt
sys 파일 경로, 드라이버명, 파일 버전
PolIEReg.txt
Copy of the IE Polices from the registry.
Print.txt
Registry of Print Keys.
PrintDrivers.txt
List of all Printer Drivers installed and versions.
프린터 드라이버 설치 정보
Printkey.txt
Registry of Print Keys.
Process.csv
실행중인 프로세스 PID, 모듈경로, 실행 시간, 사이즈
Process.txt
Text log of currently running applications.
실행중인 프로세스와 DLL 파일 목록
Progress.txt
Log that MPS Reports updates to track how far it has gotten.
PStat.txt
Currently running applications, and drivers.
메모리(물리적,가상,커널), paging 사용량, 프로세스 상태
QFECheck.txt
서비스팩 설치 버전, QFE 설치 정보
QProcess.txt
TS Processes per User.
터미널 서비스 세션별 실행 프로세스
Quser.txt
Currently logged in users of the TS.
터미널 서비스 접속 유저
Qwinsta.txt
Currently logged in users of the TS with Handles.
접속된 터미널 서비스 유저 핸들(상태, 종류)
Recovery.txt
Registry entries for creating memory.dmp.
메모리 덤프 설정 레지스트리 값
SessionManager.hiv
Session Manager log.
Setup.log
Current Setup.log on the machine in the config directory.
시스템 파일 설치 경로
SetupAct.log
Setup Activity log.
SetupApi.log
Setup Log file.
SetupErr.log
Setup Error Log File.
SetupLog.txt
Setup Log file.
Spool.txt
Text file of printer drivers installed.
Startup.txt
Copy of all of the startup information from the registry.
시작 프로그램 목록
SvcPack.Log
서비스팩 설치 로그
System32_DLL.csv
System32_DLL.txt
Version and checksum of DLL files in the System32 directory.
system32 폴더에 설치된 dll 파일 정보(버전,경로,날짜,설명)
System32_EXE.csv
System32_EXE.txt
Version and checksum of EXE files in the System32 directory.
system32 폴더에 설치된 exe 파일 정보(버전,경로,날짜,설명)
System32_SYS.csv
System32_SYS.txt
Version and checksum of SYS files in the System32 directory.
system32 폴더에 설치된 sys 파일 정보(버전,경로,날짜,설명)
System.evt
System Event log in EVT format.
System.txt
System Event log in TXT format.
시스템 이벤트 로그
TapeDrive.txt
Output of TapeDrive.vbs with Tape Drive information.
TermServer.txt
Copy of all the Terminal Server keys from the registry.
Tlist.txt
List of all current Processes and Sub Processes.
작업관리자 프로세스 목록
Tsoc.log
TS Log file.
Uninstall.txt
Registry information for installed applications.
Upgrade.txt
Log of upgrade progress.
Vminst.log
Log from Virtual Machine installation.
Vssadmin.txt
Volume Shadow Copy information file.
볼륨 섀도 복사본 서비스 관리 명령줄 도구
Wiadebug.log
Windows Imaging Log.
Wiaservc.log
Windows Imaging Service log.
WindowsUpdate.log
Log file created by Windows Update Service.
윈도우 업데이트 로그
Winmsd.nfo
NFO format of Winmsd.
Winmsd.txt
TXT format of Winmsd. In NT 4 environments this will be %ComputerName%.TXT.
시스템 정보 요약
Winnt32.log
Log of events when Winnt32 was run.
Wsdu.log
Windows Update Log File.
Misc.txt
Environment Variables.
Sched.txt
AT Scheduled events.
OEMINF.LOG
Simple Dir of the Systemroot\Inf folder for OEM INF files.
PFSYS.CSV
List of Driver Files (SYS) in the Program File Directory.
PFSYS.TXT
List of Driver Files (SYS) in the Program File Directory.
DrWtsn32_LocalSystem.log
Dr Watson log for Local System Services in 2003 only.
QFECheck.txt
List of all hotfixes applied.
Directory_Service.evt
If machine has DC Roles then this event log will be pulled.
DNS_Server.evt
If machine has DNS installed then this event log will be pulled.
File_Replication_Service.evt
If machine has FRS installed then this event log will be pulled.
SchedlGu.txt
List of Scheduled Tasks in Task Scheduler.
ACTIVESETUPLOG.TXT
IESETUPLOG.TXT
CPQSurvey.TXT
CPQSETUP.LOG
IUHIST.XML
Windows Update Log.
BRNDLOG.TXT
IE Branding Log.
Signup.Log
IE Signup Log
Install.ins
IE Install Instruction file.
TXTSETUP.SIF
Setup Information File.
SVCPack.LOG
Service Pack Installation Log file.
WUhistv3.log
Windows Update Log file.
UNSignedDrivers.TXT
List of UnSigned Drivers installed on the machine.
SSDSetup.TXT
Compaq SSD Installation Log file.
ModemDet.txt
Modem Detection Log file.
mmdet.log
Modem Detection Log file.
userenv.log
Help Center Update log file.
iuident.txt
Windows Update Log file for IE.
ADVPackExt.Log
Advaced Package install log.
DirectX.log
Direct X install log.
NTCompat.TXT
NT Compatibility before upgrade log file.
Compat.TXT
NT Compatibility before upgrade log file.
SigVerif.TXT
Signed Drivers Verification file.
com+.log
Com+ Configuration file.
ProductID.TXT
Dump of the Product ID from the registry.
작성자 : Lai Go / 작성일자 : 2008.04.30
