Just some more tricks/tools I use frequently...

Scale-to-Fit in Perfmon

If you deal a lot with perfmon you know you can have a ton of different counters in one line graph or in one bar graph and that the scale is usually 0-100 which really isn't applicable in some cases.  Now you can just alt click the graph and select "Scale selected counter" which will then fit them all in one graph.  As an aside, you can also just drag in perfmon collections (.html, .blg, .csv, or .tsv)into the MMC now and have the data displayed.

Handle.exe

Need to know what process/user is holding a file open on your server?  Use Handle:

C:\>handle -u S:\Public\UserA\DCChkWeb\dcchk_default_new.htm

dcChk.exe          pid: 7440   BRADDOM\userb          S:\Public\UserA\DCChkWeb\dcchk_default_new.htm

Need to know what type of handles a particular process has open?  Use Handle:

C:\Users\UserB\Desktop>handle.exe -p 620 -s

Handle type summary:
                  : 52
  Desktop         : 1
  Directory       : 2
  Event           : 6229
  File            : 3210
  IoCompletion    : 17
  Key             : 150
  KeyedEvent      : 2
  Mutant          : 10
  Process         : 58
  Process         : 94
  Section         : 12
  Semaphore       : 6169
  Thread          : 630
  Timer           : 8
  Token           : 4927
  TpWorkerFactory : 2
  WindowStation   : 2
Total handles: 21575

Tlist.exe

Great tool to dump all the processes running on your system. 

Two main arguments I use with Tlist:

"-v" to dump the verbose output which will show the arguments that were passed to the process:

2 32 5116 AcroRd32.exe    Title: sw
    Command Line: "C:\Program Files (x86)\Adobe\Acrobat 7.0\Reader\AcroRd32.exe" /o /eo /l

"-s" to dump what services run in each process.  As you probably know a lot of services are just called with "svchost -netsvcs" so how do you knwo which one WINMGMT lives in?  Use -s.

C:\localbin>tlist -s
   0 System Process
   4 System
460 smss.exe
548 csrss.exe
580 wininit.exe
632 services.exe
652 lsass.exe       Svcs:  KeyIso,Netlogon,ProtectedStorage,SamSs
660 lsm.exe
808 svchost.exe     Svcs:  DcomLaunch,PlugPlay
916 svchost.exe     Svcs:  RpcSs
988 svchost.exe     Svcs:  WinDefend
408 svchost.exe     Svcs:  AudioSrv,Dhcp,Eventlog,lmhosts,p2pimsvc,wscsvc
512 svchost.exe     Svcs:  AudioEndpointBuilder,CscService,EMDMgmt,Netman,PcaSvc,SysMain,TrkWks,UmRdpService,UxSms,WdiSystemHost,WPDBusEnum,wudfsvc
540 svchost.exe     Svcs:  AeLookupSvc,BITS,CertPropSvc,gpsvc,hkmsvc,IKEEXT,iphlpsvc,LanmanServer,MMCSS,ProfSvc,RasMan,Schedule,seclogon,SENS,SessionEnv,ShellHWDetection,Themes,Winmgmt,wuauserv
796 audiodg.exe

<SNIP>

SPLInfo.exe

SplInfo is a command-line tool that collects information from the print spooler and displays it.

C:\Localbin>splinfo \\prn-machine

Number Remote Printers  490 on \\prn-machine

Windows Version         6.0 Build 6001 (Service Pack 1, v.275) FREE

Number of Processors    4 PROCESSOR_INTEL Level 6

Total Jobs Spooled      3,650

Total Bytes Printed     7,243,275,903

Total GDI Pages Printed 11,690

Average Bytes/Job       1,984,459

Average Pages/Job       3

Average Bytes/Page      619,612

Browse List Requested   0

Browse Printer Added    0

Queues with Jobs        20

# Queues with # Jobs:

       1         114

       1          10

       1           6

       1           5

       1           4

Spooler Up Time         1 Day 21:46:46

Server Up Time          22 Days 05:48:32

 

Technorati tags: , ,