• Windows 2012 Core Survival Guide – Running and viewing Best Practice Analyzer

    Learn about my 2012 Core Survival Guide here.

    Running and viewing Best Practice Analyzer

     Listing the Best Practice Analyzer

     PowerShell Command:

     Get-BPAModel | format-table ID,name -autosize

     You will need the model's "ID", spelled exactly as listed, in order to invoke the BPA.

     

     Invoking the Best Practice Analyzer

     You can run the Best Practice Analyzer using the Invoke-BPAModel cmdlet.

     PowerShell Command:

     Invoke-BPAModel Microsoft/Windows/FileServices

     In the output below, notice the Success attribute. Use this attribute to determine whether the analyzer ran to completion.

     

     Getting the results of the BPA

     You can view the results of the Best Practice Analyzer using the Get-BPAResult cmdlet.

     PowerShell Command:

     get-BPAresult Microsoft/Windows/FileServices | export-csv bpaoutput.csv

     The results can also be displayed on the screen, but they often scroll past the console buffer. To avoid this, use the export-csv command to write the output to a CSV file. This file is best reviewed in Excel. The sample output below was opened using NotePad.exe for illustration purposes.
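
     The three steps above combined into one script, as an added example that is not part of the original post: it checks the model ID, stops if the scan did not report Success, and exports only the Error and Warning findings. The $ModelId and $OutFile values are assumptions; change them to suit your server.

```powershell
# Added example, not from the original post. Run in an elevated PowerShell
# session on the server being scanned. $ModelId and $OutFile are assumed values.
$ModelId = 'Microsoft/Windows/FileServices'
$OutFile = '.\bpa-findings.csv'

# Step 1: confirm the model ID exists (it must match the listed ID exactly).
if (-not (Get-BpaModel | Where-Object { $_.Id -eq $ModelId })) {
    throw "BPA model '$ModelId' was not found on this server."
}

# Step 2: run the scan and stop if any part of it did not complete.
$scan   = Invoke-BpaModel $ModelId
$failed = $scan | Where-Object { -not $_.Success }
if ($failed) {
    $failed | Format-List ModelId, SubModelId, Success, Detail
    throw "BPA scan for '$ModelId' did not complete; results would be partial."
}

# Step 3: keep only findings that need action, skipping results an
# administrator has excluded, and list Error before Warning.
$findings = Get-BpaResult $ModelId |
    Where-Object {
        ([string]$_.Severity) -in @('Error', 'Warning') -and -not $_.Excluded
    } |
    Sort-Object @{ Expression = { [string]$_.Severity } }, Category

# Show a short count per severity on screen (this will not scroll the buffer).
$findings | Group-Object Severity | Format-Table Name, Count -AutoSize

# Export the detail needed to fix each finding for review in Excel.
$findings |
    Select-Object Severity, Category, Title, Problem, Impact, Resolution, Help |
    Export-Csv -Path $OutFile -NoTypeInformation
```

     Informational (compliant) results are left out of the CSV here; drop the Where-Object filter to keep the full report.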

     

     I hope you found this useful.  Please leave me a comment.  Let me know if there are any core tasks you would like me to cover.

     Bruce

     

  • Windows 2012 Core Survival Guide – Netmon capturing

    Learn about my 2012 Core Survival Guide here.

    Netmon capturing

    In this blog we are going to look at collecting a network capture using the NetSh.exe command.  This tool will produce an .etl trace that can be read in Netmon.  While in Netmon you will need to make the active parser "Windows" in order to parse the file correctly.

    How to collect a network Trace

    Command:

    netsh trace start capture=yes tracefile=.\mytrace.etl maxsize=300

    In the output below we have started collecting data in a 300 MB circular log. In order to review this data you will need to stop the collection and move the data to a box that has Netmon installed.

     

    How to stop the network trace

    Command:

    netsh trace stop

    In the output below we stopped the network trace.  Notice the location of the final output. 

     

    I hope you found this useful.  Please leave me a comment.  Let me know if there are any core tasks you would like me to cover.

    Bruce