- About LogicMonitor
- Cloud Monitoring
- Dashboards and Widgets
- Getting Started
- LM Service Insight
- Backup and Recovery Systems
- Cloud Resources
- Networking & Firewalls
- Cisco VoIP Monitoring
- Cisco UCS Monitoring
- Brocade Application Delivery Controllers
- Checkpoint Firewalls
- Cisco APIC Monitoring
- Cisco ASA/ASR
- Cisco Device SNMP and NTP Configuration
- Cisco Firepower Chassis Manager Monitoring
- Cisco IP SLA Monitoring
- Citrix NetScalers
- Dell Switch Monitoring
- F5 BIG-IP Monitoring
- Fortinet Fortigate Firewalls
- Infoblox Monitoring
- Interface Status alerting and Bandwidth Utilization
- Juniper SRX
- Kemp LoadMaster Load Balancers
- Meraki Cloud Access Controllers
- NetFlow Monitoring
- Palo Alto Firewalls
- pfSense Firewalls
- Sonicwall Firewalls
- Operating Systems & Virtualization
- VMware Horizon Monitoring
- Citrix XenServer Monitoring
- Citrix XenApp/XenDesktop Monitoring
- ESXi Servers and vCenter/vSphere Monitoring
- Linux Disk Performance
- Linux File Systems reporting more than 100% usage
- Linux Inodes
- Linux Interface Bandwidth Utilization
- Linux NFS Server
- Monitoring a Domain Controller (DC)
- Monitoring Remote Linux Files
- NTP Configuration
- NTP Monitoring
- Nutanix HyperConverged Infrastructure
- SNMP v1/v2 Configuration
- SNMPv3 Configuration
- Solaris Monitoring
- Troubleshooting Perfmon Access
- Troubleshooting SNMP
- Troubleshooting WMI
- VMware vCenter Server Appliance (VCSA) Monitoring
- Windows Cluster Monitoring
- Windows Firewall Issues
- Windows Server 2000
- Windows XP
- Applications & Databases
- Microsoft Office 365 Monitoring
- OpenMetrics Monitoring
- Zoom Monitoring
- Apache Monitoring
- Cassandra Monitoring
- ConnectWise Monitoring
- Email Service Monitoring
- Java Applications
- Lighttpd Monitoring
- Microsoft Exchange Monitoring
- Microsoft SQL Server Monitoring
- MongoDB Monitoring
- MySQL Monitoring
- Nginx Monitoring
- Oracle Monitoring
- Pick & D3
- Postfix Monitoring
- PostgreSQL Monitoring
- RabbitMQ Monitoring
- Redis Monitoring
- Twilio Monitoring
- Varnish HTTP Accelerator
- Server & Operations Hardware
- Storage Systems
- Cisco HyperFlex Monitoring
- Apache Hadoop Monitoring
- EMC ECS
- EMC Isilon Monitoring
- EMC Unity Monitoring
- EMC VMAX
- EMC VNX/Clariion SAN
- EMC VNXe
- EMC VPLEX
- EMC XtremIO
- HPE 3PAR Storage
- HP MSA / StorageWorks / P2000
- HP P4000/Lefthand SANs
- NetApp E/EF-Series Monitoring
- NetApp Monitoring
- Nimble Storage
- Panzura Cloud Storage
- Quantum Small Tape Libraries
- VMware vSAN Monitoring
- Rest API Developers Guide
- RPC API Developers Guide - Deprecated
- Servicenow CMDB Integration
- Terminology and Syntax
Chances are that if you are an avid Windows user, you have probably come across the Perfmon utility at least once in your exploration of system and network monitoring.
Most of LogicMonitor’s Windows data collection uses WMI queries, but we do utilize Perfmon counters for our Windows SQL Server, Exchange (earlier versions), and SMTP DataSources. If you see gaps of No Data for these DataSources in particular, but the rest of your data collection (CPU, Disk, Memory, Ping, DNS metrics) is stable, then it is likely there is an issue with Perfmon on the monitored device.
Because Perfmon accesses performance counters from remote hosts, it is necessary that your collector services have Local Administrative privileges to access counters on your remote host if you are using a domain. If you are using a workgroup, your collector will need to be running under a user that has Local Administrative rights on the remote workgroup host that you are attempting to monitor.
NOTE: If the WMI credentials set for your device include a domain\user, but the remote computer is in a different domain, and the user is local, you may need to define pdh.user and pdh.pass properties to access Perfmon data. If pdh.user and pdh.pass properties are defined on your device, they will be used over any WMI username and password properties defined for collecting Perfmon data.
Perfmon Connection Timeouts & Latency
The most common symptoms seen when troubleshooting Perfmon instability are issues where Perfmon is having difficulty initiating a connection to a remote host. This must succeed between the collector and host in order for the LogicMonitor Active Discovery mechanism to detect which Perfmon performance counters are available on the remote host and to read data from the host.
After DataSource instances have been added to the host, Perfmon connectivity must continue to function in order for data collection to operate in a stable manner. If connectivity is interrupted after DataSource instances have been discovered, you will end up with blank or spotty graphs that are returning No Data.
To troubleshoot these connectivity issues:
- Remote into the collector machine under the user that your collector services are running under, and open a Run prompt > “perfmon.exe” to access the Perfmon GUI.
- Use the green “+” option to “Add” a new count.
- Specify the UNC path of your remote machine. When you are finished adding the path, Perfmon will pause while it automatically attempts to make a connection.
- If the connection is successful, you should be returned with a listing of all of the available Perfmon performance counters for your remote machine.
- If the connection fails, please attempt the same procedure from the local collector to itself, and from the local host to itself, to isolate the issue down to the host machine or the collector machine.
If you are unable to make a connection using the perfmon.exe utility on your collector to your remote host, the collector services will be unable to do so as well. This indicates an issue not with LogicMonitor, but with your Windows configuration or authentication.
Services & Dependencies
If WMI-based data collection succeeds, but Perfmon DataSources fail & you cannot get a connection established via the Perfmon utility, the issue may be that certain services need to be running on the host being monitored for Perfmon to respond to RPC queries.
The following services must be set to an Automatic startup type:
- Remote Procedure Call (RPC)
- Remote Registry
And the following services must set to Manual or greater startup type:
- WMI Performance Adapter
- Performance Counter DLL Host
- Performance Logs and Alerts
- Remote Procedure Call (RPC) Locator
Perfmon relies on inbound RPC port 135 TCP and Windows SMB port 445 TCP on the host. When troubleshooting Perfmon connectivity issues, please ensure that these ports are unrestricted in your firewall configuration.
If the steps above do not resolve the issue and you suspect permission issues are to blame, you can work around this via regedit:
- Open regedit on the machine to which you are trying to connect to perfmon.
- Browse to HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsNT\CurrentVersion\Perflib.
- Right click on Perflib key and select permissions.
- Click Add and add Local Service with full control.
- Save and exit.
- Restart the Remote Registry Service.
Rebuilding Perfmon Performance Counters
If you happen to get a response via Perfmon utility and from the collector debug console, but you get an error similar to “Object Not Found” when you attempt to view a counter, try repairing the counters with the following commands:
- cd c:\windows\system32
- lodctr /R
- cd c:\windows\sysWOW64
- lodctr /R
- WINMGMT.EXE /RESYNCPERF
- A restart is advised, but if that is not possible:
- Stop and restart the Windows Management Instrumentation service (set to automatic if not already).
- Stop and restart the Performance Logs and Alerts service (set to automatic if not already).
Also, see SQL Server monitoring
For additional help with troubleshooting your Windows Perfmon data collection, please submit a support ticket or use the chat with engineer link.
In this Article: