Tuesday, July 5, 2011

Windows 2008 Cluster Log Location

Looking for the Windows Cluster Log in Windows 2008 or Windows 2008 R2?  It's no longer a simple text file in the windows cluster directory as it was with Windows 2003.  There is a much more suphisticated system of tracing/logs in the new Event Tracing for Windows (ETW) which is now used in Windows 2008. 

If you want to extract a log file similar to the old cluster.log, perform the following:
1.   Go to a command prompt
2.   Type "Cluster /Cluster:yourclustername log /gen /copy "C:\temp".
3.   Navigate to the c:\temp directory and there you will find the .log files for each node of your cluster.

The cluster log can now be opened in Notepad.

Full details of the new ETW feature of Windows used by the failover clustering feature is provided on MSDN and Technet.

No comments:

Post a Comment