Tip of the Day: Active Memory Dump

Today’s Tip…

There’s a new type of memory dump that filters out a bunch of stuff (where stuff = pages not important in diagnosing most issues), making the dump file much smaller and easier to save and /or copy. It has been described as “more compact than a complete memory dump, while containing ‘active memory’ in kernel and user mode space,” (Ge, 2014). The blog post below has additional information and configuration steps via the registry and PowerShell.

References:

Bhattacharya, B. S. (2015, May 18). Windows Server 2016 Failover Cluster Troubleshooting Enhancements – Active Dump. Retrieved October 18, 2016, from https://blogs.msdn.microsoft.com/clustering/2015/05/18/windows-server-2016-failover-cluster-troubleshooting-enhancements-active-dump/

Ge, C. T. (2014, October 2). Windows 10 – Active Memory Dump. Retrieved October 18, 2016, from https://chentiangemalc.wordpress.com/2014/10/02/windows-10active-memory-dump/