You need to collect the OS-related log information indicated in the following table.
Table 10-4 OS-related log information
Type of information | Description | Default file name | Collection by jpcras command possible |
---|---|---|---|
System log | Windows event log | -- | Y |
WMI log | system-folder\system32\WBEM\Logs\*# | Y | |
Process information | Process list | -- | Y |
System file | hosts file | system-folder\system32\drivers\etc\hosts | Y |
services file | system-folder\system32\drivers\etc\services | Y | |
OS information | System information | -- | Y |
Network status | -- | Y | |
Host name | -- | Y | |
Windows Firewall information | -- | Y | |
Dump information (in Windows Server 2003) | Dr. Watson log file | system-drive\Documents and Settings\All Users\Application Data\Microsoft\Dr Watson\drwtsn32.log# system-drive\Documents and Settings\All Users\Application Data\Microsoft\Dr Watson\user.dump# | Y |
Dump information (in Windows Server 2008 or Windows Server 2012) | Log files for problem reports and solutions | user-mode-process-dump-folder\program-name.process-ID.dmp Example: jpcagtt.exe.2420.dmp | N |