Two Minute Drill: RELOG.EXE

Two Minute Drill: RELOG.EXE

  • Comments 8
  • Likes

Following on from our last Two Minute Drill, today's topic is the RELOG.EXE utility.  RELOG.EXE creates new performance logs from data in existing performance logs by changing the sampling rate and / or converting the file format.  RELOG.EXE is not a new tool - it is however one of those tools that most administrators are not aware of.  Although RELOG.EXE is a fairly simple tool, it is incredibly powerful.  Let's look at the built-in help file for RELOG.EXE:

RELOG <filename [filename ...]> [options]

Parameters:
  <filename [filename ...]>     Performance file to relog.

Option Description
-? Display context sensitive help
-a Append output to the existing binary file
-c <path> Counters to filter from the input log
-cf <filename> File listing performance counters from the input log.  The default is all counters in the original log file
-f <CSV | TSV | BIN | SQL> Output file format
-t <value> Only write every nth record into the output file
-o Output file path or SQL database
-b <M/d/yyyy h:mm:ss [AM | PM> Begin time for the first record to write into the output file
-e <M/d/yyyy h:mm:ss [AM | PM> End time for the last record to write into the output file
-config <filename> Settings file containing command options
-q List performance counters in the input file
-y Answer yes to all questions without prompting

Now, let's look at some common scenarios:

Scenario 1: Converting an existing Performance Monitor Log

Although most administrators are comfortable using the .BLG file format and reviewing Performance data within the Performance Monitor tool, there are some advantages to reviewing the data in a different format such as a Comma-Separated Value file (.CSV).  The process to convert a .BLG to .CSV is straightforward using RELOG.EXE: relog logfile.blg -f csv -o logfile.csv

Scenario 2: Filtering a Performance Monitor Log by Performance Counter

In our last Two Minute Drill we showed you how to capture a baseline performance monitor log.  We also provided a couple of sample commands that we use in our troubleshooting to capture performance data.  However, once we get those performance logs, filtering through them can sometimes be very time consuming - especially in instances where the system is extremely active.  Oftentimes, it is useful to have both the raw data as well as a filtered subset that only shows a couple of counters.  Using RELOG.EXE we can do just that - in this example, we are going to separate out just the Private Bytes counter for all Processes: relog originalfile.blg-c "\Process(*)\Private Bytes" -o filteredfile.blg

Scenario 3: Filtering a Performance Monitor Log by Time

The last scenario we are going to look at is extracting a subset of performance data from a Performance Monitor log based on time.  This is especially useful when you have a large data sample where there are multiple instances of an issue that occurred during the time that the performance data was captured.  Using RELOG.EXE with the -b and -e options we can pull out a subset of this data and write it to a separate file - I am going to use a sample of the baseline file I created earlier: RELOG.EXE baseline.log.blg -b "5/6/2008 8:00:00 AM" -e "5/6/2008 8:34:00 AM" -o filteredcapture.blg.

As you can see there are fewer samples in the filteredcapture.blg file.  This particular type of filtering is extremely useful when you want to send a subset of performance data to other systems administrators (or even Microsoft Support!)

And that's it for our post on RELOG.EXE.  Until next time ...

- CC Hameed

Share this post :
Your comment has been posted.   Close
Thank you, your comment requires moderation so it may take a while to appear.   Close
Leave a Comment
  • These posts are excellent.. Especially to learn the best ways to acheive things in Windows..

    Keep going. We love you.

  • Hi,

    I have tried this command, but it's not work.

    "relog originalfile.blg-c "\Process(*)\Private Bytes" -o filteredfile.blg"

    And I also tried to filter Processor counter, it's not work.

    I think the * is not accepted by the relog.exe.

    Finally, it's working after I use individual instance number rather than *. For example, _Total, 0, 1....etc.

    Regards,

    Tommy Chan

  • If I try to use RELOG against perfmon data stored in a SQL Server database and there is a lot of data I get a query timeout failure. How can I get around this please - where can I change the timeout value.

    Thanks

    Ken

  • the -b command syntax seems flawed.  the syntax is M\D\yyyy h:mm\ss [AM PM]. How can you specify a double digit month or day - like Nov 13? your example here conveniently avoids this by using 5/6.

    E:\>relog KDC7_2009111104.blg -f csv -b <11/13/2009 6:06:24 AM> -o smallfile.csv

    The system cannot find the path specified.

    Seems like an odd error. If I remove the -b switch, the command works so the error has to be related to -b.

    help!

  • @Ken, consider using an index to drastically improve query performance.

  • Apparently, the CSV option does not work for me, TSV does. Anyone any clue? Please forward answer to henk@kraa.nl

  • I have a centralized application that uses relog (on a windows 2003 enterprise server)

    I have noticed that relog will hang on blg windows 2008 or win 7 operating systems. (however if i relog to csv then to sql no issues.)

    window 2003 relog appears not able to relog .blg logs from windows 2008...kinda makes sense since MS changed all the api architecture!(insert favorite ms slant here)

    anyway do any of you know if this is in fact the case? (even if i go into perfmon and try and load the blg file it hangs on showing the date range)

    or is there a way i can get a Windows 2k8 version (of relog) to run in windows 2003 server (IT will take forever to upgrade my server)???

    also if there is a way to id the os version from perfmon data that would be helpful i am just looking for any ideas...please dont mention logman ;-)

  • Is there is way to do other way around. from csv to blg ?