This post hopefully will provide a few initial steps to get started finding out what is wrong when your app "isn't working as expected". I've been hanging out in the newsgroups lately and it kind of surprised me the same thing about trying to find out "whats wrong". Sometimes getting started is the hardest part. Here is a list of tools and sites I use to begin the "troubleshooting process". The assumption I am making you are in a position of writing code or a systems administrator charged with trying to solve the problem. (Whatever that maybe)
1) – First thing to do, look in any log files available – (Event logs, IIS Logs, SQL Logs, or custom log files from the application. ) Run utilities from Sysinternals (Filemon + Regmon), use these tools to collect evidence when the problem happens. Here is some links for further info.
'Windows Event Logs (Application, Security, System)
Look in the event logs to see if any errors are present. collect the Event ID, Source and any messages.
*Windows Auditing settings* – This goes with looking in the event logs. Make sure some type of auditing is on so errors are logged.
'Filemon – Review files in real time to find out what is being accessed and if any 'access denied' messages occur. Run Filemon when the error is happening and save the log file, review for problems.
'Regmon – Review the registry in real time to find out what is being accessed and if any keys are getting 'access denied' messages. Run Regmon when the error is happening and save the log file, review for problems.
'Process Explorer – view what processes are in-use along with DLLS's and much more.
'Open a command prompt and run 'gpresult'. This will show you what 'machine' and 'user' polices are being applied. This mainly applies when your machine is in an Active Directory environment. If your machine is a stand-along box. Review the 'local security policy'.
2) After you have collected a list of errors, various messages and event ids. Use these sites to look for answers or links to articles about your issue. I wager a good portion of the time you'll find the solution or an article about your issue.
- *Websites to search for errors
- http://Google.com (Type in the error or describe in a short question)
- Surf the newsgroups, there are 1000's of them.
- Forums related to your specific product or component – (http://forums.iis.net, http://forums.asp.net are a couple I used regularly) or check out the vendors knowledgebase.
3) I *strongly* recommend watch this webcast by Mark Russinovich. (Thanks to Scott Forsyth from http://orcsweb.com (blog is here – http://weblogs.asp.net/owscott/ ) for pointing this out. Mark is the co-founder of Sysinternals and could make a case for him being the #1 guru on the Internet. This was recorded at Teched 2006. Without the tools he has provided, it would make every Windows Administrator's job a lot harder.
Advanced tools to examine dump files.
'WinDBG and windows debugging tools
'IIS Diagnostics Toolkit
'IIS Crash/Hang Agent and IIS Dump
Yes, I even list notepad as an advanced troubleshooting tool. You need a text editor to view the log files. It is not VI but it'll do.
'Document that explains Windows Internals and troubleshooting. 109 pages great info
MISC: These are articles and links I found useful for various specifc tasks and products. If you have one, let me know. 🙂
Active Directory – Turn on AD logging to find out what machine or process is locking out users.
SQL Profiler – Are you having a problem with your SQL queries? See your queries in action and how long they are taking to execute.
Network Monitor – I use this a lot when debugging.
How to use Network Monitor to capture network traffic
ISA Server 2000 / 2004
Exchange 2000 / 2003
DNS Related issues
Check VB6 DLL for "Retained in memory" and "Unattended Execution" settings.
SMS 2003 issues
Hope this helps.