MS Windows – Performance Monitor – Findings – 2016-Jan

Background

Quick review of our last System Performance benchmarking.

 

Review

Storage / Disk

Hot files

mcshield

Explanation

  1. SQL Server
    • Confirmed that SQL Server data files are written in 8 KB sizes
    • SQL Server Log files are written a bit irregularly.  In our observed, at 1 KB size; that number is probably rounded out
  2.  Mcshield.exe
    • We can see that mcshield.exe is competing with vmss.exe to access  \Users\Public\Documents\Hyper-V\Virtual Hard Disks\sccommondb02.vhd
    • mcshield.exe is also competing with rundll32.exe, our helper process, for access to Perfmon resultant file ( Performance Counter.blg )

 

Disk Totals

DiskTotals

Adjunct

To map the Disk Numbers to their corresponding drive letter, I will suggest you dig down or take the harder path of using WMI or Diskpart.exe

If you want to use diskpart, start it from command line and issue “list volume”.


DISKPART> list volume

Output

ListVolume

 

Explanation

  1. Drive 4 ( Drive C: [ OS/System] )
    • vmms.exe ( Hyper-V ) is the biggest user )
    • Next comes mcshield.exe ( mcAfee), System, and Explorer
  2. Drive 3 ( Drive E: [SQL Server Data] )
    • Biggest user rundll32.exe – Not sure which process it actually is, as rundll32.exe is likely com server/dll and their is likely an actual host system
    • Next comes system
    • And, then sqlserv.exe
    • And, mcshield.exe, explorer.exe
  3. Drive 2 ( Drive D: [ SQL Server Log] )
    • Sqlservr.exe
    • System
    • mcshield.exe
    • msmdsrv.exe ( SQL Server Analysis Service )
  4. Drive 1 ( Drive E: [ SQL Server Backup] )
    • Biggest user is MS SQL Server
      • Writing out 1MB/sec
      • Reading at 86 KB/sec
    • Next is mcshield.exe
    • And, bottom is explorer.exe
  5. Disk 0
    • Following best practices and not capturing performance data on System Drive or Drives we are instrumenting
    • We are logging Perfmon Data to Drive G:
      • Once we dug deep mmc.exe is the biggest user of this drive

 

Network

TCPOutboundTraffic

 


nbtstat -a 10.18.0.180 | find /I "UNIQUE"

Output

nbstat-A

Explanation

  1. We can see that SQL Server is our biggest Network Originator
  2. We should look at our ecosystem and see which hosts are receiving and sending most network traffic

 

CPU/Process

CPU-Process

  1. We see that our CPU is Idle 90% of the time
  2. SQL Server is a mere 5%
    • 0.3% of Overall System Total that is at the Kernel Level
    • And, 4.2 of Overall System is at User Level
  3. If Kernel was high for SQL Server then System processes such as System Processes ( Device Drivers, OS Level Encryption, and Antivirus )  are holding us up as they are not returning from system level calls soon enough
  4. If User Level was high, then it is SQL Compilation, Bad Query plans, SQL Engine background processes ( Ghost cleanup, Lazy Writer )

 

Warnings

The Warning’s area is likely the most instructive.

Image

DiagnosticResults-Warnings

Textual

The system is experiencing excessive paging

Cause: Available memory on the system is low.

Details: The total physical memory on the system is not capable of handling the load.

Resolution: Upgrade the physical memory or reduce system load

 

Listening

Listening to Leon Bridges whom I discovered from watching Bennett Omalu’s Concussion Movie.

Leon Bridges – River

 

Leave a Reply

Please log in using one of these methods to post your comment:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s