11.4.1 OS log information to be collected
You need to collect the OS-related log information indicated in the following table.
| Type of information | Description | Default file name | Collection by jpcras command possible |
|---|---|---|---|
| System log | Windows event log | -- | Y |
| System log | WMI log | system-folder\system32\WBEM\Logs\*# | Y |
| Process information | Process list | -- | Y |
| System file | hosts file | system-folder\system32\drivers\etc\hosts | Y |
| System file | services file | system-folder\system32\drivers\etc\services | Y |
| OS information | System information | -- | Y |
| OS information | Network status | -- | Y |
| OS information | Environment variable | -- | Y |
| OS information | Host name | -- | Y |
| OS information | Windows Firewall information | -- | Y |
| Dump information | Log files for problem reports and solutions | user-mode-process-dump-folder\program-name.process-ID.dmp (Example: jpcagtt.exe.2420.dmp) | N |

Legend:
- Y: Can be collected.
- N: Cannot be collected.
- --: Not applicable.

#: If log files are set to be output to another folder, collect data from that folder.