Book Image

Troubleshooting System Center Configuration Manager

By : Gerry Hampson, Egerton
Book Image

Troubleshooting System Center Configuration Manager

By: Gerry Hampson, Egerton

Overview of this book

Microsoft System Center Configuration Manager is the most popular enterprise client management solution in the world with some of the best features available. Troubleshooting this product, however, is not always as simple as you might want, not least getting to know the hundreds of log files and understanding how the various components work. The book starts with discussing the most commonly used tools for troubleshooting the variety of problems that can be seen in Configuration Manager. It then moves to providing a high level view of the available log files, their locations, what they relate to and what they typically contain. Next, we will look at how we can fully utilize and extend all the available information from the console monitoring pane through to the status messages and down into error logging with some further reaches into WMI, SQL, registry and the file structure. You will then learn what the common error codes mean, how to make sense of the less common ones and what they actually mean with respect to Configuration Manager. Further to this, you will pick up widely acknowledged best practices both from a proactive stance when carrying out your daily administrative tasks and also from a reactive position when the green lights start to turn red right down to a complete failure situation. By the end of the book, you will be competent enough to identify and diagnose the root causes of System Center Configuration Manager administration issues and resolving them.
Table of Contents (11 chapters)
2
2. Configuration Manager Monitoring Workspace and Log Files
10
Index

Log file viewer

Those who have spent any time at all working with Configuration Manager will know that it contains quite a few log files, literally hundreds. We will go through the log files in more detail in the next chapter, but we will need to use something to read the logs. We can use something as simple as Notepad and to an extent there are some advantages with using this as it is a no-nonsense text reader. Having said that, generally speaking, most people want a little more when it comes to reading Configuration Manager logs as they can often be long, complex, and frequently refreshed. We have already seen one example of a log viewer as part of the Configuration Manager Support Center, but Configuration Manager includes its own log file viewer that is tailored to the needs of troubleshooting the product logs. In Configuration Manager 2012 versions, we are provided with CMTrace.exe; previous versions provided us with Trace32.exe or SMSTrace.exe. They are very similar tools but we will highlight some of the features of CMTrace, which is the more modern of the two. To begin with, we can typically find CMTrace at the following locations:

  • %ProgramFiles%\Microsoft Configuration manager\Tools\CMTrace.exe
  • <INSTALLATION MEDIA>\SMSSETUP\TOOLS\CMTrace.exe

Those who are running Configuration Manager 2012 R2 and up also have CMTrace available out of the box in WinPE when running Operating System Deployments. We can simply hit F8 if we have command support enabled in the WinPE image and type CMTrace. This can also be added to the later stages of a task sequence when running in the full operating system by copying the file onto the hard disk. The single biggest advantage of using CMTrace over a standard text reader is that it is a tail reader that by default is refreshed every 500 milliseconds, or, in others words, it will update the window as new lines are logged in the log file; we also have the functionality to pause the file too. Other functionality of CMTrace is to allow filtering of the log based on certain conditions and there is also a highlight feature that can highlight a whole line in yellow if a word we are looking for is found on the line. The program automatically highlights lines if certain words are found such as error or warning, which is useful but can also be a red herring at times, so this is something to be aware of if we come across logs with these keywords. We can also merge log files, and this is particularly useful when looking at time critical incidents as we can analyze data from multiple sources in the order they happened and understand the flow of information between the different components.