Mar 21, 2010

I am now Windows 2008 certified!

Passed 70-649 two weeks ago, which gave me three certificates:

MCTS: Active Directory
MCTS: Network
MCTS: Application Infrastructure

Two more exams to get my MCITP: Enterprise Admin

Update (Jun 12): Passed 70-747. One more exam (70-680) to get my MCITP: Enterprise Admin
Update (Sep 23): Passed 70-680. Now I am MCITP: Enterprise Admin!

Nov 24, 2009

Suggested Thresholds for Essential Counters

This is excerpted from an MS article for the W2K resource kit. Most of the numbers should still be applicable to newer versions of the OS.

| Resource | Object/Counter | Threshold | Comments |
|---|---|---|---|
| Disk | PhysicalDisk\% Disk Time | 90% | |
| Disk | PhysicalDisk\Disk Reads/sec, PhysicalDisk\Disk | Depends on manufacturer's specifications | Check the disk's specified transfer rate to verify that the logged rate doesn't exceed specifications.(1) |

Sep 22, 2009

Account Logon vs. Logon/Logoff events in security log

Ever confused by the "Account Logon" events and "Logon/Logoff" events in your Security Log? Read on.

[Edit: Dec 19, 2011]: This is applicable to Windows 2003. In Windows 2008, "account logon" is changed to "credential validation" to better reflect what it really is.
****************************************
This is a complete copy/paste from MSDN.
****************************************

One of the most common questions that I get about Windows Auditing is, how come you guys were so @#%! stupid that you put in two logon categories?

The answer is actually pretty simple - we're bad at choosing names. "Account Logon" isn't really about logon, it's about credential validation.

Here's the lowdown on what is the difference between Logon/Logoff and Account Logon events, and how to decipher Account Logon events.