At Microsoft’s Build conference last week I attended a Server 2012 press event led by Jeffrey Snover, the Lead Architect for the Windows Server Division.
He and others spoke about the key features of Server 2012 and how it justifies Microsoft’s claim that it is the cornerstone of the Cloud OS.
It is a strong release; but after the event I asked Snover what he thought about a problem which is at the micro-management level, far removed from the abstractions of cloud.
The Windows event log, I observed, invariably fills with errors and warnings. Many of these are benign; but conscientious administrators spend significant effort investigating them, chasing down knowledgebase articles, and trying to tweak Windows Server in order to fix them. It is a tough and time-consuming task.
When, I asked, will we see an edition of Windows Server that does a better job of eliminating useless and unnecessarily repetitive log entries and separating those which really matter from those which do not?
[I realise that the Event Viewer makes some effort to do this but in my experience it falls short.]
That’s hard he said. It will take a long time.
Which is better than saying that the problem will never be solved; but you wonder.
I also realise that this issue is not unique to Windows. Your Linux or Mac machine also has logs full of errors and warnings. There is an argument that Windows makes them too easy to find, to the extent that scammers exploit it by cold-calling users (generally not server admins) to persuade them that they have a virus infection. On the other hand, ease of access to logs is a good thing.
What is hard is discerning, with respect to any specific report, whether it matters and what action if any is required. One reason, perhaps, why we will always need system administrators.
It was always thus. I remember in the old days we had a line printer which spat out a few lines every time an error went in the log. Actually that was the log. In those days there was not much we could do, but you would have thought that these days you could have a log analyser with a bit of AI in it. Such things probably exist, but it would be nice if MS supplied one with the OS.
I’ve been using a3rd party tool for this for 10 years!
@Paul
I once tried to copy a computer tape long ago using JCL on an IBM 360 when I was a student. I got the results back as a big fat line printer stack several feet high. Seems my format specs were wrong and the dumb OS just stated to print out errors and the operator let it run for a while, possibly just so they could bill me for my mistake.