Introduction to Cluster Diagnostics and Verification Tool for Exchange Administrators
Topic Last Modified: 2005-12-14
By Rob Wilcox.
This article covers the Cluster Diagnostics and Verification (ClusDiag.exe) tool, which can be very useful when troubleshooting reasons for cluster failovers or problems with cluster resources starting. The Cluster.log file is very often overlooked by Microsoft® Exchange Server administrators when troubleshooting an Exchange Server cluster.
The Cluster Diagnostics and Verification Tool (ClusDiag.exe) is a graphical tool that performs basic verification and configuration analysis checks on a pre-production server cluster and creates log files to help system administrators identify configuration issues prior to deployment in a production environment. ClusDiag.exe can capture all relevant log files and event logs from each node of a server cluster and merge them into a single file for easy analysis and troubleshooting. Administrators can analyze these log files with built-in filtering, merging, and bookmarking functionality and generate various diagnostics reports. ClusDiag.exe can also create graphical and text-based reports of cluster disk and network configurations, as well as generate a graphical view of the cluster resource dependency tree.
You can obtain ClusDiag.exe from the Microsoft Windows Server 2003 Resource Kit, or you can downloaded it from the Cluster Diagnostics and Verification Tool (ClusDiag.exe) Web site.
You can use ClusDiag.exe to view either a Microsoft Windows® 2000 Server cluster server’s cluster log, or a Windows Server™ 2003 cluster log. The information in this article assumes you’re using a Windows Server 2003 cluster.
Most likely you will be using ClusDiag.exe to view a cluster log when there has been a problem identified on the computer, and the following sections discuss how to do this task.
|Although Cluster.log can be copied from the cluster server manually, it is already collected by the cluster version of MPSReports tool. For more information about this tool, including downloading it, see Microsoft Product Support's Reporting Tools.|
The following figure shows the dialog box you see when you first open the Cluster Diagnostic and Verification Tool.
You can use this dialog box to go to the folder that contains the cluster log file..
|A cool way to open a cluster log is to drag the file straight to the cluster diagnostic window.|
The following figure shows a filtered view of the cluster log that you see when you first open the cluster log file.
You can see the default filter by clicking View, clicking Filter, and then clicking Show Filter, or by pressing F4. The following figure shows the default filter.
The default filter is set up to indicate a warning or something of interest for troubleshooting purposes is believed to have happened.
The final thing to notice is that some items are color coded. You can see and change the color coding by clicking Tools, clicking Options, and then clicking the Color Codes tab.
Cluster logs can be quite large, and one of the features that is very useful in ClusDiag.exe is the ability to place a bookmark in to the cluster log file. You create a bookmark by clicking the far left side of a line in the log file as shown in the following figure.
|Bookmarks aren’t saved when you exit the Cluster Diagnostic and Verification Tool.|
You can add a comment to any line in the cluster log. You add a comment by right clicking a line, clicking Comment, and then clicking Edit. on A line with a comment attached appears by default with yellow highlighting; if you place your mouse cursor over the line, you see the comment displayed as a tool tip as shown in the following figure.
Comments are saved in an XML file that is reread when you open the cluster log. The file containing the xml is in the same folder as the original log file. For example:|
<STRING>Something looks to have happened here. Investigate later</STRING>
Beyond the regular methods of navigating in ClusDiag.exe, a quick way to jump around the cluster log is to jump between bookmarks. You can use the flag icons on the toolbar to create, move between, and clear bookmarks. The first flag adds a new bookmark, the second flag moves the position in the log file to the next bookmark, the third flag icon moves you to the previous bookmark, and the last flag clears the current bookmark.
One of the trickier things in a cluster log is the time zone differences. The log file is always written as GMT, but you now have two ways of viewing time differently.
First, you can look for and review the following entries in the cluster log file:
f0c:f10.06/25[20:08:51.434](000000) INFO [CS] Cluster Service started - Cluster Node Version 4.3790
f0c:f10.06/25[20:08:51.434](000000) INFO OS Version 5.2.3790 (ADS 03000112L)
f0c:f10.06/25[20:08:51.434](000000) INFO Local Time is 2003/06/25-20:08:51.434
The last line shows you the local system time.
The second way to view the local time for the log file entries is to click the clock icon in the toolbar, and then select View Local Time. This will switch the log entries to show you the time synched to the local time on the cluster.
Additionally, you can use ClusDiag.exe to convert Win32® error codes into English. To convert the code, select just the error code (for example, the 53 part in the following line).
6d8:6f8.07/02[10:07:51.063](000160) WARN [INIT] Failed to join cluster, status 53
After you select the error code, click Tools, and then click Find Win32. The following figure shows an example of the text of the error code.
For more information, see the following Microsoft Knowledge Base articles: