Failover Cluster Event Tracing
for Windows: The Failover Clustering feature
in Windows Server 2008 R2 comes with a diagnostic debug logging which captures
detailed information about the cluster operations. The configuration settings
for this can be found in thefollowing location \Server
Manager\Diagnostics\Performance\Data Collector Sets\Event Trace
Sessions\Eventlog-Microsoft-Windows-FailoverClustering-Diagnostic. The cluster
event tracing is enabled by default when you enable the cluster feature and
start the cluster service
The Failover clustering diagnostic
log files are stored in %WinDir%\System32\winevt\logs\and are
in an *.etl extension. There are three *.etl log files, each time a node is
rebooted a new ETL file is generated and logging is conducted on the new log
file until the server is rebooted again
Below are some useful settings that might come in handy
when troubleshooting cluster failures:
- Generate a Windows Server Cluster Log
- Cluster Log default size
- Cluster Log default logging level
- Cluster Log default size
- Cluster Log default logging level
Before we begin, I would suggest you
run the command “cluster /prop“,
this will list theproperties of the cluster attributes and their current values
1. Generate a Windows Server
Cluster Log
- Log onto one of the cluster nodes
-> Open the command prompt As Administrator -> Enter the following
command: “cluster log /g“.
A cluster.log file will be generated and stored in%windir%\Cluster\Reports directory on all cluster
nodes
- Another way to generate the cluster log is by using
Powershell only on a Windows Server 2008 R2. Click on Start\Administrative
Tools\Windows Powershell Modules
- Wait for the system to load all the Powershell commands
- Command1: “Get-ClusterLog“:- This command creates the
cluster log file on each cluster nodes in the cluster reports folder
- Command2: “Get-ClusterLog -Destination“:- This
command creates the cluster log files for each cluster nodes and copies all
logs to a central location
or destination specified in the command. This is useful when you want to view
all cluster logs from different nodes from a single place
2. Cluster Log default size
The default failover cluster event
tracing log size is 100 MB and the logs are handled in acircular logging
scheme. In the event that the cluster.log file does not have the needed
information due to the older entries been overwritten, you would need to
increase the size of the cluster log (*.etl) to retain more data.
- From windows command prompt: cluster log /Size:X
- From PowerShell: Set-Cluster -Size X
3. Cluster default logging
level
The default cluster logging level is
3. Anything higher than 3 will give more information but may have significant
impact on the cluster. The table below gives complete overview of the different
logging levels and what information can be derived from it. Note: Setting the level to 0 (zero)
would disable logging.
|
Level
|
Error
|
Warning
|
Information
|
Verbose
|
Debug
|
|
1
|
X
|
||||
|
2
|
X
|
X
|
|||
|
3
(Default)
|
X
|
X
|
X
|
||
|
4
|
X
|
X
|
X
|
X
|
|
|
5
|
X
|
X
|
X
|
X
|
X
|
- From windows command prompt: Cluster Log /Level:X
- From PowerShell: Set-ClusterLog -Level X
No comments:
Post a Comment