Manuals - Monitoring Microsoft Windows

Anybody who has tried to use MRTG to log performance stats for XP/2000/2003 will have been frustrated by the lack of MIB variables available. Here's how to get around this problem and use any XP/2000/2003 performance counter (see picture 1).

Picture 1

Download and install the following programs on your Microsoft Windows XP/2000/2003:

Logging data with Performance Monitor

Run Performance Monitor and open Performance Logs and Alerts. You should see a screen (see picture 1) similar to the following:

Picture 2

Right click Counter Logs then click New Log Settings. Enter the name of the server you want to monitor In this case it is test, then press Enter. The following window (see picture 2) will appear:

Picture 3

Click Add Objets and then select the counters you would like to monitor. These can be from any XP/2000/2003 server on your network. When you have added the appropriate counters click Close, then change the Sample data interval to 5 minutes.

Select the Log Files Tab. Remove the tick from the End file names with check box and change the Log file type to Text File - CSV as shown in the following screen print (see picture 3).

Picture 4

Select the Schedule tab, select Stop log After 1 day and Start a new log file when a log file closes as shown in the following screen print (see picture 4).

Picture 5

Click OK and the log file should start automatically.

Now that you are collecting the stats to the CSV file you can now create a config file for MRTG to graph the data.

Creating the MRTG configuration file

To create a configuration file for MRTG to use, you can run the script that I put together. This reads the CSV file created by performance monitor and outputs a simple MRTG config file.

# Author: Paul Simmonson
# Input: Windows 2000 Performance monitor log file (must be CSV format)
# Output: mrtg config file

open STUFF or die "Cannot open $STUFF for read :$!";
@entries = <STUFF>;
#get first line of log file
@details=split /,/, @entries[0];
#extract servername
$servername = substr @details[1],3,(index @details[1],"\\",3)-3;
#print workdir entry
print "Workdir: \\mrtg\\logs\\$servername\n\n";
#get last line of log file
@lastline=split /,/, @entries[$#entries];
# get number of entries
for $entry (@details)


    if ($entry =~ /PDH-CSV 4.0/i)
    $entry=~ tr/"//d;
    chomp ($entry);
    print "Title[$servername-$index]:$entry\n";
    print "Pagetop[$servername-$index]: <H1>$entry</H1>\n";
    print "MaxBytes[$servername-$index]: 100\n";
    print "Options[$servername-$index]: gauge, nopercent\n";
    print "Target[$servername-$index]: `perl c:\\perflogs\\$servername.csv \"$entry\"`\n";
    print "YLegend[$servername-$index]: Legend\n";
    print "ShortLegend[$servername-$index]:\n";
    print "LegendO[$servername-$index]:\n";
    print "LegendI[$servername-$index]:\n";
    print "Legend2[$servername-$index]:\n";
    print "Legend1[$servername-$index]:\n\n";

Put this script inc:\mrtg\bin\

To run the script, open a command prompt and type the following.

cd \mrtg\bin
c:\mrtg\bin>perl c:\perflogs\test.csv >test.cfg

Open the cfg file and check the result.

The entries in the config file should match the performance counters that you selected. In the config maker script I have set MaxBytes to 100. The config file generated can be edited manually if required to set a more realistic value, but the setting of 100 will work reasonably well. Log the data with Performance Monitor for a few days and open the CSV file with Excel to get an idea of what Maxbytes value you should set.

Important - If the graphs don't look right then adjust the MaxBytes value in the cfg file. Delete the associated png file in the logs directory and wait for the next update.

Save the file and exit notepad.

Under c:\mrtg\logs create a directory for the log files. In this case I create a directory called test.

Collecting the stats

To use the config file created you must put the following perl script in c:\mrtg\bin

# Author: Paul Simmonson
# Input: filename of Windows 2000 Performance monitor log file (must be CSV format)
# Name of log item to extract
# eg. perl c:\perflogs\K6.csv "\\K6\LogicalDisk(C:)\% Disk Time"
# Output: mrtg data format
open STUFF or die "Cannot open $STUFF for read :$!";
@entries = <STUFF>;
@details=split /,/, @entries[0]; #get the first line of the log file
@lastline=split /,/, @entries[$#entries]; #get last line of log file

#find the entry that matches $ARGV[1]
for $entry (@details) {
    $entry=~ tr/"//d;
    chomp ($entry);
    last if $entry eq $ARGV[1];

if ($last eq $ARGV[1]) {
    $data=~ tr/"//d;
    $data = int($data+0.5);
} else {
    $data = 0;
print "0\n";
print "$data\n";
print "0\n";
print "0\n";

Enter the following:

c:\mrtg\bin>perl mrtg test.cfg

If you now look in the c:\mrtg\logs\test directory, there should be a bunch of files. Look for the html files. These are the MRTG web pages for each performance counter.

Running MRTG automatically

There are different ways to do this, I use the following method:

Create a perl script containing the following:

$interval=300; while (1) { sleep( $interval - time() % $interval );
system 'perl c:\mrtg\bin\mrtg c:\mrtg\bin\test.cfg';

This will run every 5 minutes and update the graphs for you. Put this in the Windows startup group so that when you log on it will run automatically.



Lex van der Horst

Date Added:


Last Reviewed: