If you’ve ever had to investigate an issue on a Windows box, apart from the Event Viewer, the other most common tool you’ve probably (and should have) used is Performance Monitor. However, it’s not uncommon that you don’t know which of the (potentially hundreds of) counters to collect, or even how to analyse the data, especially for particularly nasty or complicated issues with no clear indicators on where the problems lie.
Sometime around the beginning of 2011, I came across the Performance Analysis of Logs (PAL) Tool, which reads in a performance monitor counter log and analyzes it using known thresholds – it has since become one of the most useful utilities I keep in my tool box.
- Thresholds files for most of the major Microsoft products such as IIS, MOSS, SQL Server, BizTalk, Exchange, and Active Directory.
- An easy to use GUI interface, automatically creating batch files for the PAL.ps1 script.
- A GUI editor for creating or editing your own threshold files.
- Creates an HTML based report for ease of copy/pasting into other applications.
- Analyzes performance counter logs using thresholds that change their criteria based on the computer’s role or hardware specs.
- It’s a free, no cost utility!
On the system to which you choose to use the tool, there are a number of pre-requisites to install first – I recommend you install PAL onto to your Windows 7 64-bit workstation (be aware that you don’t need to install PAL directly on the system which you want to monitor):
- Microsoft .NET Framework 3.5 Service Pack 1 (Partial package – internet access required)
- Microsoft .NET Framework 3.5 Service Pack 1 (full package – no internet access required)
- Microsoft Chart Controls for Microsoft .NET Framework 3.5
- PowerShell v2.0 (Windows Management Framework (Windows PowerShell 2.0, WinRM 2.0, and BITS 4.0))
Once you’ve got all the pre-requisites installed, download the latest version of the Performance Analysis of Logs (PAL) Tool from the website – it’s actually quite small at only around 1MB in size. Unpack the Zip file, and run setup.exe, following any prompts to complete installation – if you’re still missing any requirements, you’ll be directed to the appropriate website automatically.
Something else to note – the installer will ‘Set-ExecutionPolicy’ for PowerShell to ‘Unrestricted’ to allow the included PowerShell scripts to be able to run, primarily the PAL.ps1 script.
Quick Start Guide:
It’s worth reading more about how to use the tool by digging around the site, or downloading the Intro to PAL video, but as a really quick start, run up the PAL application from the Start menu, switch to the ‘Threshold File’ tab, select ‘Quick System Overview’ from the ‘Threshold file title’ dropdown, then click ‘Export to Perfmon template file’. Copy the resulting XML file onto the system you want to monitor, import into Performance Monitor (hint: click ‘Start’, run and type ‘perfmon’ and press enter) as a new ‘Data Collection Set’, then set it running.
Once you’ve collected sufficient data for what ever length of time you feel appropriate, copy the performance logs (by default, in %systemdrive%\PerfLogs) back to your workstation, and re-launch PAL. Specify the ‘Counter Log Path’ on the ‘Counter Log’ tab, ensure you’ve selected ‘Quick System Overview’ on the ‘Threshold File’ tab, then jump to the ‘Execute’ tab and click ‘Finish’.
You’ll now see the PowerShell scripts kick in, as the resulting HTML report is generated – this will take some time, depending on the amount of data collected. By default, the report will be written to ‘[My Documents]\PAL Reports’, and you’re web browser will automatically open once the report generation is complete.
Scroll through the report, and you’ll see all kinds of alerts, recommendations, and graphs, analysing in detail the various performance counters that were monitored.
If you have no time at all to try the tool out for yourself, download the Sample PAL Report, to understand what you’re missing out on.