Event Monitoring, Event Viewer | Microsoft 1 instruction

Chapter 4: Enterprise Monitoring

63

Event Monitoring

When Exchange 2000 Server is running smoothly, event monitoring does not seem espe- cially important. However, when performance is poor, you will quickly see the benefits of event monitoring. Event Viewer is a useful source of information about Exchange 2000 Server, along with log files that you may choose to generate. Large organizations may require an application such as Microsoft Operations Manager for reporting on Exchange 2000 Server events.

Event Viewer

Exchange reports to the Application event log. By default, it logs all critical events to the Application log. By increasing the logging on particular Exchange services, you can ensure that more data is available.

To enable logging for a particular Exchange service, right click the server in Exchange System Manager, select Properties, and then select the Diagnostics Logging tab.

The logging levels are:

◆None – Only error messages are logged (the default setting on all the services)

◆Minimum – Warning messages and error messages are logged

◆Medium – Informational, warning, and error messages are logged

◆Maximum – Troubleshooting (extra detail), informational, warning, and error messages are logged

You can log the following services in Exchange 2000 Server:

◆IMAP4Svc (IMAP4 Protocol)

◆MS-ExhangeAL (Address List)

◆MSExchangeIS\System (Information Store System)

◆MSExchangeIS\Mailbox (Information Store Mailbox)

◆MSExchangeIS\Public Folder (Information Store Public Folders)

◆MSExchangeSRS (Site Replication Service)

◆MSExchangeTransport (SMTP Routing Engine and Transport)

◆MSExchangeMTA (MTA Service)

◆MSExchangeSA (System Attendant Service)

◆POP3SVC (POP3 Protocol)

Under normal operating conditions, it is not necessary to set logging levels any higher than minimum, because increasing logging rapidly fills your event log with a great deal of unnecessary information. When issues arise, you can increase the level of logging to allow you to diagnose the problem, reducing it again after the issue has been resolved.

The Windows 2000 Resource Kit includes elogdmp.exe, a utility which allows you to dump the information in any Event Viewer log to a file for analysis elsewhere.

Image 71

Microsoft 1 manual Event Monitoring, Event Viewer

Contents

Version Exchange 2000 Operations Guide Isbn Contents Enterprise Monitoring Change and Configuration Management Glossary ProtectionSupport Page Vii Content LeadKey Authors ReviewersPage Microsoft Operations Framework MOF Introduction SLA Efficiency, Continuity, and Security How to Use This Guide Efficiency Continuity Capacity and Availability Management Chapter Outlines Protection Planning and Deployment Features Service Level Agreements Performance Recovery Related Topics SummaryPage Capacity and Availability Management Chapter Sections Capacity Management Capacity and Availability Management Microsoft Exchange 2000 Operations Version Availability Management Service Hours Minimizing System Failures Service Availability Decreasing Single Points of Failure Increasing the Reliability of Exchange Minimizing System Recovery Time Performance Tuning Making Changes to the Registry No Performance Optimizer Optimizable Features Upgrading from Exchange 5.5 to Exchange Tuning ConsiderationsTuning the Message Transfer Agent MTA Mailroot Directory Location Tuning Smtp Transport Smtp File Handles Hkeylocal Active Directory Checking Store and ESE TuningOnline Store Maintenance Message Deletion and Online Defragmentation Online Backups First Storage Group Choosing the Correct Maintenance Strategy Store-Database Cache Size Extensible Storage Engine ESE Heaps Microsoft Exchange 2000 Operations Version Log Buffers Tuning Active Directory Integration Type SET Maxactivequeries to 40 and press Enter Tuning Outlook Web Access OWA Setting OWA Properties Hardware Upgrades Page Change and Configuration Management Defining Change Type Change ManagementPrerequisites Request for Change Is Submitted to Change Manager Change Is Passed to IT Executive Committee for Approval Change Manager Assesses the RFC Change Process Evaluation Change Is Passed to the Change Owner Scripting Minor and Standard Changes Minor and Standard Changes Documentation SecuritySoftware Control and Distribution Configuration Management Configuration Items Tools for Configuration ManagementConfiguration Management and Change Management Microsoft Exchange 2000 Operations Guide Version Hardware Server Printer Software Exchange Hotfix Configuration Management Relationships Nine Configuration Items with Relationships Between Them Configuration Management and Exchange Maintaining the Configuration Management DatabaseDefining Configuration Items Ownership Change Management Security BackupAdministering System Policies Exchange System Policies Summary Enterprise Monitoring System Monitor Performance Monitoring Exipc Exchange 2000 Objects and Counters to Monitor Smtp Service or Resource Performance Object MSExchangeIS Mailbox and MSExchangeIS Public Information Store CountersSmtp Server MSExchangeIS MSExchangeMTA and MSExchangeMTAConnections MSExchangeAL Windows 2000 Objects and Counters to MonitorMSExchangeIM Virtual Servers Subsystem Object Counter Exchange Comments Subsystem Object Counter Exchange Comments Centralized Monitoring Event Viewer Event Monitoring Centralized Event Monitoring Log Files Monitoring and Status Tool Adding Services to the Default ConfigurationAvailability Monitoring Notifications Monitoring Resources Disabling Server Monitoring Centralized Availability MonitoringStatus Client Monitoring Summary Page Chapter End Point Chapter Start Point Protection Against Hacking Firewall Operations Maintaining Firewall Availability Dealing With Security Breaches Source Destination Service Protocol and portAnti-Virus Measures Monitoring Against Hacker Intrusion Staying Current Dealing With Virus Infection File Extensions and File Types Blocking Attachments at the Client File Extension File Type Backing Up Disaster Recovery Procedures Protection Disk Imaging Offline Backup To connect an Exchange 2000 mailbox to another user Recovering Individual MessagesRecovering Lost Mailboxes Restoring Recovering Exchange Stores and Storage Groups Recovering Exchange After Active Directory Failure Full Exchange Server Recovery Alternate Server Recovery Recovery Testing Summary Page Support Reducing End User Support Costs Providing Support for End Users Support Problem Reporting Notifying Users Dealing with User Problems Exchange Problem Management Support Summary Active Directory Services Interfaces Adsi Access Control Entry ACEAccess Control List ACL Active Directory Connector ADC Asymmetric Cipher Administration groupActiveX Data Objects ADO Adsi Edit Collaboration Data Objects CiphersClear item Collaboration Data Objects CDO for Windows Connection Agreement CA Conferencing Management Service CMSConfiguration Connection Agreement ConfigCA Conference Technology Provider CTP Domain controller Domain modeDomain Name Services DNS Domain tree DSAccess Epoxy Exchange Conferencing Services ECSEnterprise Encryption Forest also known as enterprise Event ServiceExipc formerly known as Epoxy Extensible Storage Engine ESE also known as JET Instant Messaging IM Installable File System IFSGroup Hash Functions Link State Algorithm LSA Internet Messaging Access Protocol version 4 IMAP4Lightweight Directory Access Protocol Ldap Joint Engine Technology JET Metabase Metabase update serviceName Service Provider Interface Nspi Messaging Application Programming Interface Mapi Post Office Protocol version 3 POP3 Outlook Web AccessOpaque item Policy Resource mailbox Recipient Update Service RUSRemote Procedure Calls RPC Resource Routing Engine Routing Group Connector RGCRouting service Routing group Simple Message Transfer Protocol Smtp SchemaSecure Hash Algorithm version Security principal Store Site Replication Service SRSSite Consistency Checker SCC also known as the Skcc Storage group User Principal Name UPN System attendant120 User 509 Web-DAVWeb Storage System