Two Minute Drill: RELOG.EXE

Following on from our last Two Minute Drill, today’s topic is the RELOG.EXE utility.  RELOG.EXE creates new performance logs from data in existing performance logs by changing the sampling rate and / or converting the file format.  RELOG.EXE is not a new tool – it is however one of those tools that most administrators are not aware of.  Although RELOG.EXE is a fairly simple tool, it is incredibly powerful.  Let’s look at the built-in help file for RELOG.EXE:

RELOG <filename [filename …]> [options]

Parameters:
  <filename [filename …]>     Performance file to relog.

Option Description
-? Display context sensitive help
-a Append output to the existing binary file
-c <path> Counters to filter from the input log
-cf <filename> File listing performance counters from the input log.  The default is all counters in the original log file
-f <CSV | TSV | BIN | SQL> Output file format
-t <value> Only write every nth record into the output file
-o Output file path or SQL database
-b <M/d/yyyy h:mm:ss [AM | PM> Begin time for the first record to write into the output file
-e <M/d/yyyy h:mm:ss [AM | PM> End time for the last record to write into the output file
-config <filename> Settings file containing command options
-q List performance counters in the input file
-y Answer yes to all questions without prompting

Now, let’s look at some common scenarios:

Scenario 1: Converting an existing Performance Monitor Log

Although most administrators are comfortable using the .BLG file format and reviewing Performance data within the Performance Monitor tool, there are some advantages to reviewing the data in a different format such as a Comma-Separated Value file (.CSV).  The process to convert a .BLG to .CSV is straightforward using RELOG.EXE: relog logfile.blg -f csv -o logfile.csv

Scenario 2: Filtering a Performance Monitor Log by Performance Counter

In our last Two Minute Drill we showed you how to capture a baseline performance monitor log.  We also provided a couple of sample commands that we use in our troubleshooting to capture performance data.  However, once we get those performance logs, filtering through them can sometimes be very time consuming – especially in instances where the system is extremely active.  Oftentimes, it is useful to have both the raw data as well as a filtered subset that only shows a couple of counters.  Using RELOG.EXE we can do just that – in this example, we are going to separate out just the Private Bytes counter for all Processes: relog originalfile.blg-c "\Process(*)\Private Bytes" -o filteredfile.blg

Scenario 3: Filtering a Performance Monitor Log by Time

The last scenario we are going to look at is extracting a subset of performance data from a Performance Monitor log based on time.  This is especially useful when you have a large data sample where there are multiple instances of an issue that occurred during the time that the performance data was captured.  Using RELOG.EXE with the -b and -e options we can pull out a subset of this data and write it to a separate file – I am going to use a sample of the baseline file I created earlier: RELOG.EXE baseline.log.blg -b "5/6/2008 8:00:00 AM" -e "5/6/2008 8:34:00 AM" -o filteredcapture.blg.

As you can see there are fewer samples in the filteredcapture.blg file.  This particular type of filtering is extremely useful when you want to send a subset of performance data to other systems administrators (or even Microsoft Support!)

And that’s it for our post on RELOG.EXE.  Until next time …

CC Hameed


Share this post :