Il log del servizio DFSR è già attivo di default e ha anche un livello di dettaglio elevato (Informational = 4). Il log file DFSRxxxxx.log viene creato nella cartella  “%windir%\debug” dove risiedono anche i 100 file di log precedenti che sono stati compressi come file DFSRxxxxx.log.gz. Lo storico dei file può essere incrementato da 100 al numero che desideriamo, questo è utile in particolari casi di troubleshooting dove è necessario avere uno storico maggiore. I log hanno diversi parametri di configurazione. Nella seguente tabella riporto tutti i parametri:

Parameter

Notes

Range

Default

DebugLogFilePath

Path to create debug log files at

Local folder path

%systemroot%\debug

DebugLogSeverity

Log level severity

1 – 5

4

EnableDebugLog

Boolean to turn logging on or off

TRUE, FALSE

TRUE

MaxDebugLogFiles

Count of debug log files

1 – 10,000

100

MaxDebugLogMessages

Lines per debug log file, before moving to the next log file

1,000 to MAXDWORD*

200,000

I valori della DebugLogSeverity sono:

  • Critical Info (1)

  • Errors (2)

  • Warning (3)

  • Informational (4) = Default

  • Trace (5)

Per modificare i parametri della tabella Microsoft consiglia di utilizzare il “WMI Command line interface” (WMIC) con i seguenti comandi:

Debug Log File Path
WMIC syntax: wmic /namespace:\\root\microsoftdfs path dfsrmachineconfig set debuglogfilepath="d:\dfsrlogs"

NB: La cartella deve essere creata prima di configurarla con il comando sopra altrimenti il sistema userà la cartella di default non trovando la cartella nel comando.

Debug Log Severity
WMIC syntax: wmic /namespace:\\root\microsoftdfs path dfsrmachineconfig set debuglogseverity=5

Debug Log Messages
WMIC syntax: wmic /namespace:\\root\microsoftdfs path dfsrmachineconfig set maxdebuglogmessages=400000

Debug Log Files
WMIC syntax: wmic /namespace:\\root\microsoftdfs path dfsrmachineconfig set maxdebuglogfiles=200

Non è necessario fare un riavvio del servizio DFSR o del server per far prendere le modifiche. Per verificare se i parametri sono stati presi potete usare il seguente comando:

dfsrdiag DumpMachineCfg /Mem:DFSRServer1

Dopo questa breve spiegazione su come configurare i log possiamo procedere a vedere come leggere i log.

Come interpretare i log del servizio DFSR

All’interno dei log ci sono molte sigle e acronimi che devono essere capiti per poter analizzare i log. Il più importante fra tutti è il Global Version Sequence Number, GVSN. Questo numero è il guid del database in cui è avvenuta l’ultima modifica e la versione.

{DatabaseGuid}-v{version No}.

Un esempio:

20070314 18:02:39.246 1688 LDBX  3548 Ldb::Insert Inserting idRecord:         ß Nuovo record inserito nel DB

+             fid               0x200000000015D                                                                       ß File ID e USN sono riferiti al Journal NTFS

+             usn               0x3f98680                    

+             uidVisible        0                                                                                                 ß Non è stato ancora “committed”

+             filtered          0                                                                                                     ß Il file non rientra in quelli filtrati

+             journalWrapped    0

+             slowRecoverCheck  0

+             pendingTombstone  0                                      ß Il file non è stato cancellato.

 +            recUpdateTime     16010101 00:00:00.000 GMT

+             present           1

+             nameConflict      0                             ß Non ci sono conflitti

+             attributes        0x20                             ß Attributo del file

+             gvsn              {3823B980-8436-4D70-8BA8-5A6DFDBF9EA9}-v14        ß GVSN = Guid di chi ha originato questo cambiamento

+             uid               {3823B980-8436-4D70-8BA8-5A6DFDBF9EA9}-v14          ß UID= Guid di Chi ha creato il file/folder

+             parent            {B00F0EB3-9AB5-4261-A192-EC4D81273408}-v1          ß GUID della cartella superiore-parent

+             fence             16010101 00:00:00.000

+             clock             20070314 17:02:39.216                                                           ß Ora UTC del “change”

+             createTime        20070314 17:02:39.216 GMT                                           ß Ora UTC della creazione

+             csId              {B00F0EB3-9AB5-4261-A192-EC4D81273408} 

+             hash              00000000-00000000-00000000-00000000                        ß File/Folder hash

+             similarity        00000000-00000000-00000000-00000000

+             name              New Text Document.txt                                                           ß Nome del file o della cartella

 

Per poter risalire al server su cui è stata fatta la modifica dal GUID possiamo usare il tool DFSRDiag che tra le varie opzioni per fare trohbleshooting ha  l’opzione Guid2Name.

 

C:\ >dfsrdiag guid2name /guid:{ 3823B980-8436-4D70-8BA8-5A6DFDBF9EA9} /RGName:rgname

 

   Object Type : DfsrVolumeInfo

   Computer    : PIPPO.MB.COM

   Volume Guid : 7CF914D4-1B2D-11DB-AE4E-806E6F6E6963

   Volume Path : C:

   Volume SN   : 3900110954

   DB Guid     : 3823B980-8436-4D70-8BA8-5A6DFDBF9EA9

 

Operation Succeeded

 

Per semplificare la comprensione dei log di debug ho inserito alcune delle comuni operazioni che vengono fatte su file e directory con i relativi pezzi di log per poter interpretare i log di debug.

Operazioni sui File

        File filtrato dal USN Consumer perché nella lista dei file da filtrare.

20070320 11:29:25.030 1624 USNC  1254 UsnConsumer::ProcessUsnRecord Filtered USN_RECORD:

+             USN_RECORD:

+             RecordLength:        80

+             MajorVersion:        2

+             MinorVersion:        0

+             FileRefNumber:       0x20000000001a0

+             ParentFileRefNumber: 0x4000000002960

+             USN:                 0x29f0220

+             TimeStamp:           20070320 11:29:24.940 W. Europe Standard Time

+             Reason:              Close Rename New Name

+             SourceInfo:          0x0

+             SecurityId:          0x224

+             FileAttributes:      0x20

+             FileNameLength:      14

+             FileNameOffset:      60

+             FileName:            AAA.tmp

 

        File non replicato perché è una modifica non presa in considerazione dal USNConsumer.

20070320 11:44:03.523 1624 LDBX  3665 Ldb::Update Updating idRecord:

+             fid               0xD0000000030C8

+             usn               0x29f6a60

+             uidVisible        1

+             filtered          0

+             journalWrapped    0

+             slowRecoverCheck  0

+             pendingTombstone  0

+             recUpdateTime     20070320 10:40:21.654 GMT

+             present           1

+             nameConflict      0

+             attributes        0x2020

+             gvsn              {497C35B7-22CB-48DA-A83A-FE64BD14AC64}-v25      ß Il GSVN non viene incrementato

+             uid               {497C35B7-22CB-48DA-A83A-FE64BD14AC64}-v15

+             parent            {B00F0EB3-9AB5-4261-A192-EC4D81273408}-v1

+             fence             16010101 00:00:00.000

+             clock             20070320 10:40:21.644

+             createTime        20070301 14:50:12.910 GMT

+             csId              {B00F0EB3-9AB5-4261-A192-EC4D81273408}

+             hash              7F941AAB-BBC7047F-AD048620-9754AE10

+             similarity        00000000-00000000-00000000-00000000

+             name              attribute.txt

 

20070320 11:44:03.523 1624 USNC  1879 UsnConsumer::UpdateUsnOnly USN-only update from USN_RECORD:

+             USN_RECORD:

+             RecordLength:        88

+             MajorVersion:        2

+             MinorVersion:        0

+             FileRefNumber:       0xd0000000030c8

+             ParentFileRefNumber: 0x4000000002960

+             USN:                 0x29f6a60

+             TimeStamp:           20070320 11:44:03.513 W. Europe Standard Time

+             Reason:              Basic Info Change Close

+             SourceInfo:          0x0

+             SecurityId:          0x354

+             FileAttributes:      0x2020

+             FileNameLength:      26

+             FileNameOffset:      60

+             FileName:            attribute.txt

 

·         Modifica di un file

 

20070320 11:48:36.085 1624 LDBX  3665 Ldb::Update Updating idRecord:

+             gvsn              {497C35B7-22CB-48DA-A83A-FE64BD14AC64}-v28      ß Il GSVN viene incrementato

+             uid               {497C35B7-22CB-48DA-A83A-FE64BD14AC64}-v15

+             parent            {B00F0EB3-9AB5-4261-A192-EC4D81273408}-v1

+             fence             16010101 00:00:00.000

+             clock             20070320 10:48:36.075

+             createTime        20070301 14:50:12.910 GMT

+             csId              {B00F0EB3-9AB5-4261-A192-EC4D81273408}

+             hash              00000000-00000000-00000000-00000000

+             similarity        00000000-00000000-00000000-00000000

+             name              attribute.txt

+            

20070320 11:48:36.085 1624 USNC  2202 UsnConsumer::UpdateIdRecord ID record updated from USN_RECORD:

+             USN_RECORD:

+             RecordLength:        88

+             MajorVersion:        2

+             MinorVersion:        0

+             FileRefNumber:       0xd0000000030c8

+             ParentFileRefNumber: 0x4000000002960

+             USN:                 0x29f7ae0

+             TimeStamp:           20070320 11:48:36.075 W. Europe Standard Time

+             Reason:              Close Data Overwrite Data truncation

+             SourceInfo:          0x0

+             SecurityId:          0x354

+             FileAttributes:      0x20

+             FileNameLength:      26

+             FileNameOffset:      60

+             FileName:            attribute.txt

 

·         File spostato fuori dal Replication Folder (  o cancellato e messo nel cestino )

 

20070320 11:59:05.520 1624 LDBX  3665 Ldb::Update Updating idRecord:

+             fid               0xD0000000030C8

+             usn               0x29f9390

+             uidVisible        1

+             filtered          0

+             journalWrapped    0

+             slowRecoverCheck  0

+             pendingTombstone  0

+             recUpdateTime     20070320 10:54:08.303 GMT

+             present           0

+             nameConflict      0

+             attributes        0x20

+             gvsn              {497C35B7-22CB-48DA-A83A-FE64BD14AC64}-v30

+             uid               {497C35B7-22CB-48DA-A83A-FE64BD14AC64}-v15

+             parent            {B00F0EB3-9AB5-4261-A192-EC4D81273408}-v1

+             fence             16010101 00:00:00.000

+             clock             20070320 10:59:05.520

+             createTime        20070301 14:50:12.910 GMT

+             csId              {B00F0EB3-9AB5-4261-A192-EC4D81273408}

+             hash              00000000-00000000-00000000-00000000

+             similarity        00000000-00000000-00000000-00000000

+             name              attribute.txt

+            

20070320 11:59:05.520 1624 USNC  2599 UsnConsumer::TombstoneOrDelete ID record tombstoned from USN_RECORD:

+             USN_RECORD:

+             RecordLength:        80

+             MajorVersion:        2

+             MinorVersion:        0

+             FileRefNumber:       0xd0000000030c8

+             ParentFileRefNumber: 0x2000000002aa5

+             USN:                 0x29f9390

+             TimeStamp:           20070320 11:59:05.520 W. Europe Standard Time

+             Reason:              Close Rename New Name

+             SourceInfo:          0x0

+             SecurityId:          0x354

+             FileAttributes:      0x20

+             FileNameLength:      14

+             FileNameOffset:      60

+             FileName:            Dc7.txt

 

        File cancellato senza metterlo nel cestino ( Shitf + canc ).

20070320 12:08:00.379 1624 USNC  2599 UsnConsumer::TombstoneOrDelete ID record tombstoned from USN_RECORD:

+             USN_RECORD:

+             RecordLength:        104

+             MajorVersion:        2

+             MinorVersion:        0

+             FileRefNumber:       0x20000000001d7

+             ParentFileRefNumber: 0x4000000002960

+             USN:                 0x29fbca8

+             TimeStamp:           20070320 12:08:00.379 W. Europe Standard Time

+             Reason:              Close File Delete

+             SourceInfo:          0x0

+             SecurityId:          0x354

+             FileAttributes:      0x20

+             FileNameLength:      40

+             FileNameOffset:      60

+             FileName:            Filedacancellare.txt

 

        Creazione file.

20070320 13:13:17.103 1648 LDBX  3665 Ldb::Update Updating idRecord:

+             fid               0x20000000001F4

+             usn               0x2a0edc8

+             uidVisible        1

+             filtered          0

+             journalWrapped    0

+             slowRecoverCheck  0

+             pendingTombstone  0

+             recUpdateTime     20070320 12:13:05.597 GMT

+             present           1

+             nameConflict      0

+             attributes        0x20

+             gvsn              {497C35B7-22CB-48DA-A83A-FE64BD14AC64}-v38

+             uid               {497C35B7-22CB-48DA-A83A-FE64BD14AC64}-v37

+             parent            {B00F0EB3-9AB5-4261-A192-EC4D81273408}-v1

+             fence             16010101 00:00:00.000

+             clock             20070320 12:13:17.103

+             createTime        20070320 12:13:05.537 GMT

+             csId              {B00F0EB3-9AB5-4261-A192-EC4D81273408}

+             hash              00000000-00000000-00000000-00000000

+             similarity        00000000-00000000-00000000-00000000

+             name              Creazionefile.txt

+            

20070320 13:13:17.103 1648 USNC  2202 UsnConsumer::UpdateIdRecord ID record updated from USN_RECORD:

+             USN_RECORD:

+             RecordLength:        96

+             MajorVersion:        2

+             MinorVersion:        0

+             FileRefNumber:       0x20000000001f4

+             ParentFileRefNumber: 0x4000000002960

+             USN:                 0x2a0edc8

+             TimeStamp:           20070320 13:13:17.103 W. Europe Standard Time

+             Reason:              Close Rename New Name

+             SourceInfo:          0x0

+             SecurityId:          0x354

+             FileAttributes:      0x20

+             FileNameLength:      34

+             FileNameOffset:      60

+             FileName:            Creazionefile.txt

Operazioni su Directory

Di seguito una lista di log generati da operazioni su fatte su directory all’interno del “Replication Folder”.

        Copia di una Directory nel “replication folder”

20070320 13:32:24.103 1648 LDBX  3548 Ldb::Insert Inserting idRecord:

+             fid               0x20000000001FF

+             usn               0x2a12e38

+             uidVisible        0

+             filtered          0

+             journalWrapped    0

+             slowRecoverCheck  0

+             pendingTombstone  0

+             recUpdateTime     16010101 00:00:00.000 GMT

+             present           1

+             nameConflict      0

+             attributes        0x10

+             gvsn              {497C35B7-22CB-48DA-A83A-FE64BD14AC64}-v43

+             uid               {497C35B7-22CB-48DA-A83A-FE64BD14AC64}-v43

+             parent            {B00F0EB3-9AB5-4261-A192-EC4D81273408}-v1

+             fence             16010101 00:00:00.000

+             clock             20070320 12:32:24.103

+             createTime        20070320 12:32:24.103 GMT

+             csId              {B00F0EB3-9AB5-4261-A192-EC4D81273408}

+             hash              00000000-00000000-00000000-00000000

+             similarity        00000000-00000000-00000000-00000000

+             name              Cartellamovein

20070320 13:32:24.103 1648 USNC  2448 UsnConsumer::CreateNewRecord ID record created from USN_RECORD:

+             USN_RECORD:

+             RecordLength:        88

+             MajorVersion:        2

+             MinorVersion:        0

+             FileRefNumber:       0x20000000001ff

+             ParentFileRefNumber: 0x4000000002960

+             USN:                 0x2a12e38

+             TimeStamp:           20070320 13:32:24.103 W. Europe Standard Time

+             Reason:              File Create

+             SourceInfo:          0x0

+             SecurityId:          0x379

+             FileAttributes:      0x10

+             FileNameLength:      28

+             FileNameOffset:      60

+             FileName:            Cartellamovein

+            

20070320 13:32:24.103 1648 LDBX  3665 Ldb::Update Updating idRecord:

+             fid               0x20000000001FF

+             usn               0x2a12e90

+             uidVisible        0

+             filtered          0

+             journalWrapped    0

+             slowRecoverCheck  0

+             pendingTombstone  0

+             recUpdateTime     20070320 12:32:24.103 GMT

+             present           1

+             nameConflict      0

+             attributes        0x10

+             gvsn              {497C35B7-22CB-48DA-A83A-FE64BD14AC64}-v43

+             uid               {497C35B7-22CB-48DA-A83A-FE64BD14AC64}-v43

+             parent            {B00F0EB3-9AB5-4261-A192-EC4D81273408}-v1

+             fence             16010101 00:00:00.000

+             clock             20070320 12:32:24.103

+             createTime        20070320 12:32:24.103 GMT

+             csId              {B00F0EB3-9AB5-4261-A192-EC4D81273408}

+             hash              00000000-00000000-00000000-00000000

+             similarity        00000000-00000000-00000000-00000000

+             name              Cartellamovein

+            

20070320 13:32:24.103 1648 USNC  1879 UsnConsumer::UpdateUsnOnly USN-only update from USN_RECORD:

+             USN_RECORD:

+             RecordLength:        88

+             MajorVersion:        2

+             MinorVersion:        0

+             FileRefNumber:       0x20000000001ff

+             ParentFileRefNumber: 0x4000000002960

+             USN:                 0x2a12e90

+             TimeStamp:           20070320 13:32:24.103 W. Europe Standard Time

+             Reason:              Close File Create

+             SourceInfo:          0x0

+             SecurityId:          0x379

+             FileAttributes:      0x10

+             FileNameLength:      28

+             FileNameOffset:      60

+             FileName:            Cartellamovein

+            

 

        Cancellazione/spostamento Directory

20070320 13:35:25.944 1648 LDBX  3665 Ldb::Update Updating idRecord:

+             fid               0x20000000001FF

+             usn               0x2a12e90

+             uidVisible        1

+             filtered          0

+             journalWrapped    0

+             slowRecoverCheck  0

+             pendingTombstone  1

+             recUpdateTime     20070320 12:32:24.143 GMT

+             present           1

+             nameConflict      0

+             attributes        0x10

+             gvsn              {497C35B7-22CB-48DA-A83A-FE64BD14AC64}-v43

+             uid               {497C35B7-22CB-48DA-A83A-FE64BD14AC64}-v43

+             parent            {B00F0EB3-9AB5-4261-A192-EC4D81273408}-v1

+             fence             16010101 00:00:00.000

+             clock             20070320 12:32:24.103

+             createTime        20070320 12:32:24.103 GMT

+             csId              {B00F0EB3-9AB5-4261-A192-EC4D81273408}

+             hash              00000000-00000000-00000000-00000000

+             similarity        00000000-00000000-00000000-00000000

+             name              Cartellamovein

+            

20070320 13:35:25.944 1648 LDBX  4064 Ldb::InsertWalkerJob Inserting dirWalkerJob:uid:{497C35B7-22CB-48DA-A83A-FE64BD14AC64}-v43 moveType:MoveOut (2) at time:20070320 12:35:25.944

20070320 13:35:25.994 1648 DIRW   581 DirWalkerTask::QueueMoveoutJob Queueing move-out uid:{497C35B7-22CB-48DA-A83A-FE64BD14AC64}-v43 fid:0x20000000001FF

20070320 13:35:25.994 2096 DIRW   256 DirWalkerTask::Run Start walking directory.

20070320 13:35:25.994 2096 DIRW  1208 DirWalkerTask::MoveoutStep Starting to process move-out job. uid:{497C35B7-22CB-48DA-A83A-FE64BD14AC64}-v43

20070320 13:35:25.994 2096 DIRW  1233 DirWalkerTask::MoveoutStep Iterating children of uid: {497C35B7-22CB-48DA-A83A-FE64BD14AC64}-v43

20070320 13:35:26.004 2096 LDBX  3665 Ldb::Update Updating idRecord:

+             fid               0x20000000001FF

+             usn               0x2a12e90

+             uidVisible        1

+             filtered          0

+             journalWrapped    0

+             slowRecoverCheck  0

+             pendingTombstone  0

+             recUpdateTime     20070320 12:35:25.944 GMT

+             present           0

+             nameConflict      0

+             attributes        0x10

+             gvsn              {497C35B7-22CB-48DA-A83A-FE64BD14AC64}-v44

+             uid               {497C35B7-22CB-48DA-A83A-FE64BD14AC64}-v43

+             parent            {B00F0EB3-9AB5-4261-A192-EC4D81273408}-v1

+             fence             16010101 00:00:00.000

+             clock             20070320 12:35:25.944

+             createTime        20070320 12:32:24.103 GMT

+             csId              {B00F0EB3-9AB5-4261-A192-EC4D81273408}

+             hash              00000000-00000000-00000000-00000000

+             similarity        00000000-00000000-00000000-00000000

+             name              Cartellamovein

+            

20070320 13:35:26.004 2096 DIRW   101 DirWalkerTask::Job::Finish MoveOut csId:{B00F0EB3-9AB5-4261-A192-EC4D81273408} uid:{497C35B7-22CB-48DA-A83A-FE64BD14AC64}-v43

20070320 13:35:26.004 2096 DIRW   786 DirWalkerTask::RemoveJob Removing job type:2 uid:{497C35B7-22CB-48DA-A83A-FE64BD14AC64}-v43

20070320 13:35:26.004 2096 LDBX  4100 Ldb::DeleteWalkerJob Deleting dirWalkerJob. uid:{497C35B7-22CB-48DA-A83A-FE64BD14AC64}-v43

20070320 13:35:26.004 2096 LDBX  1228 LdbManager::UpdateVersionVectorCache Wake up callback 00AD5750

20070320 13:35:26.004 2096 DIRW   303 DirWalkerTask::Run Exit.

20070320 13:35:26.004 1648 USNC  2025 UsnConsumer::TombstoneIdRecord Directory tombstoned or deleted from USN_RECORD:

+             USN_RECORD:

+             RecordLength:        72

+             MajorVersion:        2

+             MinorVersion:        0

+             FileRefNumber:       0x20000000001ff

+             ParentFileRefNumber: 0x2000000002aa5

+             USN:                 0x2a13430

+             TimeStamp:           20070320 13:35:25.944 W. Europe Standard Time

+             Reason:              Close Rename New Name

+             SourceInfo:          0x0

+             SecurityId:          0x379

+             FileAttributes:      0x10

+             FileNameLength:      8

+             FileNameOffset:      60

+             FileName:            Dc11

 

Matteo Belloni
Support Escalation Engineer
Microsoft Enterprise Platform Support