{"id":230,"date":"2007-04-20T09:04:21","date_gmt":"2007-04-20T08:04:21","guid":{"rendered":"http:\/\/soci.hu\/blog\/index.php\/2007\/04\/20\/diagnosztika-a-vistaban\/"},"modified":"2007-04-20T09:04:21","modified_gmt":"2007-04-20T08:04:21","slug":"diagnosztika-a-vistaban","status":"publish","type":"post","link":"https:\/\/soci.hu\/blog\/index.php\/2007\/04\/20\/diagnosztika-a-vistaban\/","title":{"rendered":"Diagnosztika a Vist\u00e1ban"},"content":{"rendered":"<p>Vannak dolgok egyes programokban, amelyeket csak \u00e1lland\u00f3an ker\u00fclgetek, de sose veszem a f\u00e1rads\u00e1got, hogy megn\u00e9zzem a doksit, mir\u0151l is sz\u00f3l. Azt\u00e1n ut\u00f3lag rendszeresen kider\u00fcl, hogy valami okos, hasznos kis szolg\u00e1ltat\u00e1s mellett mentem el.<br \/>\n\u00cdgy j\u00e1rtam a Vista Event View-er\u00e9vel is. Az el\u0151z\u0151 verzi\u00f3 gondolom ismert mindenkinek, volt 3 f\u0151 \u00e1g, Application, System \u00e9s Security. A programok ide \u00f6mlesztett\u00e9k a logjaikat, azt\u00e1n lehetett vad\u00e1szni a nagy zajban a val\u00f3ban \u00e9rt\u00e9kes inf\u00f3k ut\u00e1n. Persze, bolt Event Source \u00e9s t\u00e1rsaik, amivel lehetett sz\u0171rni.<br \/>\nNo, Vist\u00e1ban van egy \u00faj r\u00e9sz, Applications and Services Log. Ezekbe k\u00fcl\u00f6n tudnak a programok \u00edrogatni, mindnek van saj\u00e1t log f\u00e1jlja, nem a nagy massz\u00e1ba ker\u00fclnek be a bejegyz\u00e9sek. <\/p>\n<p><a href='http:\/\/soci.hu\/blog\/wp-content\/uploads\/2007\/04\/vistaeventlog.jpg' title='Vista Event Log Viewer, benne az \u00faj Applications and Services Logs'><img src='http:\/\/soci.hu\/blog\/wp-content\/uploads\/2007\/04\/vistaeventlog.thumbnail.jpg' alt='Vista Event Log Viewer, benne az \u00faj Applications and Services Logs' \/><\/a><\/p>\n<p>Alapban nincs minden logol\u00e1s bekapcsolva, \u00e9s m\u00e9g az \u00f6sszes log forr\u00e1s se l\u00e1tszik egyszerre. 
Right-clicking the Applications and Services Log node lets you turn on the diagnostic logs as well, so many more log sources can be enabled. Beware, the GUI is broken: the View context menu, with the diagnostic log option in it, only comes up if the Applications and Services Log node is the selected one. That is, if another node is selected and you just right-click this one, this menu does not come up! Congrats to the author.<\/p>\n<p>From the docs:<br \/>\n&#8220;Applications and Services Logs<br \/>\nApplications and Services logs are a new category of event logs. These logs store events from a single application or component rather than events that might have systemwide impact.<\/p>\n<p>This category of logs includes four subtypes: Admin, Operational, Analytic, and Debug logs. Events in Admin logs are of particular interest to IT Professionals using the Event Viewer to troubleshoot problems. Events in the Admin log should provide you with guidance about how to respond to them. Events in the Operational log are also useful for IT Professionals, but they are likely to require more interpretation. <\/p>\n<p>Admin and Debug logs are not as user friendly. Analytic logs store events that trace an issue and, often, a high volume of events are logged. Debug logs are used by developers when debugging applications. Both Analytic and Debug logs are hidden and disabled by default.<br \/>\n&#8221;<br \/>\nAll this came up because I cannot get the ActiveX Installer Service to work. Browsing its source code I saw that the author had put a lot of tracing into it, but I thought only MS could use that while debugging. Since the author's name was in the header of the source files, I wrote to the author. The reply came 1 hour later. 
:) The author wrote that this logging can also be switched on in the new Event Log section described above, so in principle I will have much more information about where the certificate check gets stuck. We'll see.<\/p>\n<p>For completeness, a few more details. The logs can also be administered and queried from the command line using wevtutil.exe. For queries, logparser came to mind right away, but this does not work that way: queries are expressed not in SQL but in XPath format.<\/p>\n<p>E.g. listing the log sources:<br \/>\nwevtutil el<\/p>\n<p>Dumping the entire AxInstallService log:<br \/>\nwevtutil qe Microsoft-Windows-AxInstallService\/Log<\/p>\n<p>Output:<br \/>\n[source:xml]<br \/>\n<Event xmlns='http:\/\/schemas.microsoft.com\/win\/2004\/08\/events\/event'><br \/>\n  <System><br \/>\n    <Provider Name='Microsoft-Windows-AxInstallService' Guid='{dab3b18c-3c0f-43e8-80b1-e44bc0dad901}'\/><br \/>\n    <EventID>7<\/EventID><br \/>\n    <Version>0<\/Version><br \/>\n    <Level>4<\/Level><br \/>\n    <Task>0<\/Task><br \/>\n    <Opcode>0<\/Opcode><br \/>\n    <Keywords>0x4000000000000008<\/Keywords><br \/>\n    <TimeCreated SystemTime='2007-04-20T06:59:26.130Z'\/><br \/>\n    <EventRecordID>0<\/EventRecordID><br \/>\n    <Correlation\/><br \/>\n    <Execution ProcessID='2980' ThreadID='3032' ProcessorID='0' KernelTime='0' UserTime='0'\/><br \/>\n    <Channel>Microsoft-Windows-AxInstallService\/Log<\/Channel><br \/>\n    <Computer>socivista<\/Computer><br \/>\n    <Security UserID='S-1-5-18'\/><br \/>\n  <\/System><br \/>\n  <EventData><br \/>\n    <Data Name='Message'>Exiting Policy Watch Thread<\/Data><br \/>\n  <\/EventData><br \/>\n<\/Event><br \/>\n[\/source]<\/p>\n<p>Queries use the <a 
href=\"http:\/\/msdn2.microsoft.com\/en-us\/library\/aa385466.aspx\">EvtQuery<\/a> API function behind the scenes. The query language is not a full XPath implementation; on the \/\/ operator, for example, it immediately choked, saying it does not know it. The <a href=\"http:\/\/msdn2.microsoft.com\/en-us\/library\/aa385231.aspx\">description<\/a> of the language can be found here.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>There are things in some programs that I keep walking around but never take the trouble to look up in the docs to see what they are about. Then afterwards&#8230;<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[4,23],"tags":[],"class_list":["post-230","post","type-post","status-publish","format-standard","hentry","category-szakmai-elet","category-vista"],"_links":{"self":[{"href":"https:\/\/soci.hu\/blog\/index.php\/wp-json\/wp\/v2\/posts\/230","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/soci.hu\/blog\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/soci.hu\/blog\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/soci.hu\/blog\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/soci.hu\/blog\/index.php\/wp-json\/wp\/v2\/comments?post=230"}],"version-history":[{"count":0,"href":"https:\/\/soci.hu\/blog\/index.php\/wp-json\/wp\/v2\/posts\/230\/revisions"}],"wp:attachment":[{"href":"https:\/\/soci.hu\/blog\/index.php\/wp-json\/wp\/v2\/media?parent=230"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/soci.hu\/blog\/index.php\/wp-json\/wp\/v2\/categories?post=230"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/soci.hu\/blog\/index.php\/
wp-json\/wp\/v2\/tags?post=230"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}