LOG SOURCES

System Energy Logserver is able to process any data coming in the Syslog format, Windows Events and flat files. We can collect text data from all IT sources including:

  • Network devices (switch, router, IPS, Firewall, etc.)
  • Linux systems,
  • Windows,
  • Apps,
  • Database,
  • Virtual environments,
  • Telecommunication devices.

Application Performance Monitoring Energy Logserver integrate with professional APM Agent called UberAgent that is specially designed for all Windows platforms. Agent collects advanced metrics for the performance of this operating system family.

List of metrics collected by UberAgent for Windows:

Group Policy Processing

  • Domain controller discovery time
  • GPOs applied during logon
  • Processing time for each active client side extension (CSE), both from Microsoft and third parties. This includes:
    • Registry
    • Folder redirection
    • IE branding
    • Offline files
    • Environment variables (preferences)
    • Folder options (preferences)
    • Local users and groups (preferences)
    • Citrix policies
    • Group Policy preferences

Logon Process Performance

  • Process name
  • Process ID
  • Session ID
  • Parent process name
  • Parent process ID
  • Process user account
  • Associated application name
  • Associated application version
  • Process type (e.g. part of the logon script)
  • Process start time
  • Process lifetime duration
  • Commandline
  • Executable path
  • CPU footprint
  • Disk footprint
  • Memory footprint
  • Network footprint

Logon Process Summary

Summary performance data about process activity during user logon:

  • Number of processes started
  • Disk footprint

INTERNET BROWSERS

Internet Explorer

  • CPU usage
  • RAM usage
  • IO count
  • IO volume
  • IOPS
  • IO latency
  • Network throughput

Google Chrome

  • Browser (main process)
  • Tab (rendering process)
  • Extension (running Chrome extensions)
  • GPU (graphics acceleration)
  • Flash (playing Adobe Flash)
  • Java (running Java apps)

MICROSOFT OFFICE

Outlook

Outlook plugin load duration and related information:

  • Plugin name, ProgID and GUID
  • Plugin load duration
  • Plugin “load behavior” (state)

DEVICES

Machine Performance

  • CPU usage
  • RAM usage
  • GPU model
  • GPU compute usage
  • GPU memory usage
  • Kernel memory usage
  • IOPS (read and write separately)
  • IO volume (read and write separately)
  • IO count (read and write separately)
  • IO latency (read and write separately)
  • Disk utilization in percent
  • Network utilization in percent
  • Number of sessions
  • Number of processes
  • Number of threads
  • Number of handles

Machine Inventory

  • OS name
  • OS type and architecture
  • OS install date
  • Hardware manufacturer
  • Hardware model
  • BIOS version
  • BIOS version
  • AD domain
  • AD site
  • AD OU
  • AD computer distinguished name
  • Citrix farm name
  • Citrix machine catalog name
  • Citrix delivery group name
  • Primary IP address
  • Primary network adapter name
  • Primary network adapter description

SMB Client Performance

  • Share path
  • IOPS (read and write)
  • IO count (read and write)
  • IO volume in MB (read and write)
  • IO latency in ms (read and write)

NETWORK COMMUNICATION

  • Source process (process sending/receiving data on the machine uberAgent is running on)
  • Target IP address
  • Target name
  • Target port
  • Send count
  • Receive count
  • Connect count
  • Send volume (MB)
  • Receive volume (MB)
  • Send throughput (KB/s)
  • Receive throughput (KB/s)
  • Send latency
  • Send latency count (number of measurements)
  • Protocols used

SESSIONS

  • Session ID
  • Computername
  • Logon time
  • Logoff time
  • Session duration
  • Protocol (ICA, RDP or console)
  • Connection state (e.g. active, disconnected)
  • User and domain
  • CPU usage
  • RAM usage
  • IO count
  • IO volume
  • IOPS
  • IO latency
  • Network throughput
  • ICA/HDX latency
  • Citrix ICA/HDX client information (name, IP address, version, etc.)
  • VMware RDP/PCoIP client information (name, IP address, etc.)
  • Microsoft RDP client information (name, IP address, etc.)
  • Foreground application name
  • Foreground application version
  • Foreground process name
  • Foreground process ID
  • Foreground application UI latency

APPLICATIONS

Application and Process Startup

  • Startup duration
  • IOPS during startup
  • Application name
  • Process name
  • User and domain
  • Is the process running elevated (with admin privileges)?
  • Process ID
  • Parent process ID
  • RDS session ID
  • Process GUID (unique ID per process generated by uberAgent)
  • Session GUID (unique ID per RDS session generated by uberAgent)
  • Parent process name
  • Full path to the process executable in the file system
  • Full commandline the process was launched with

Application and Process Performance

  • User and domain
  • Process name and ID
  • Process command line (optional)
  • Application name and version
  • CPU usage
  • RAM usage
  • GPU compute usage
  • GPU memory usage
  • IO count (read and write separately)
  • IO volume (read and write separately)
  • IOPS (read and write separately)
  • IO latency (read and write separately)
  • Network throughput
  • Network latency

Application UI Unresponsiveness

  • Application name (even for App-V, Java and modern UI / Metro apps)
  • Application version
  • Process name and ID
  • User and domain
  • Unresponsiveness duration
  • Related user session

Application Crashes and Hangs

For every application error the following information is collected:

  • Application name
  • Process ID, GUID, name, path, version and timestamp
  • Process lifetime
  • User and domain
  • Related user session
  • Faulting module name, path version and timestamp
  • Exception code, fault offset,
  • App package full name and relative ID
  • Error type (crash or hang)

Application Inventory and Usage

  • Application name (even for App-V, Java and modern UI / Metro apps)
  • Application version
  • Number of concurrent users (application usage metering)
  • Number of computers the application is run on
  • Number of (ICA/RDP/PCoIP) remoting clients the application was accessed from
  • Inventory (installation information like name, publisher, version, install date)

Software Update

  • Name
  • Install date

WORKSTATIONS

Computer Startup (Machine Boot)

  • Smss initialization
  • Autocheck (checkdisk)
  • Session 0 initialization
  • Session 1 initialization
  • Wininit initialization
  • Winlogon initialization
  • Autostart services

Boot Processes

  • Process name, ID and parent ID
  • Relative start time and lifetime
  • Commandline
  • IO count (read and write)
  • IO volume (read and write)
  • IO latency (read and write)
  • Associated user session ID

Other On/Off Transitions

  • Suspend
  • Resume
  • Shutdown

On/Off Transition Delays

  • Driver/service/application name
  • Driver/service/application version
  • Total duration
  • Degradation (how much longer it took than normal)

We are convinced that the Energy Logserver provides essential supplement product market in IT Logmanagement area.