Whenever I'm working a problem, especially on an unfamiliar system, if is often helpful to discover as much about the computer as I can. In fact, for some problems you may not have any choice but to dive deep in system configuration. Fortunately Windows 7 offers a number of tools to make this task more manageable and perhaps even little fun. In most cases you can use these tools to query local and remote computers. I like using these tools to gather baseline information so I have something to compare when things go wrong.
A great deal of system information management comes from Windows Management Instrumentation (WMI). Don't panic. We're not going to be scripting. All you need to do is make sure the Windows Management Instrumentation (winmgmt) service is running everywhere and that you have enabled the remote management exception in the Windows Firewall. Querying WMI remotely requires RPC connectivity and administrative credentials. Once you've taken care of this, working with advanced system information is not really that difficult.
Performance and System Information
The first system information screen you are most likely familiar with is the Windows System Assessment Tool.
Figure 1: WinSAT Score
What you may not have noticed is the link to view detailed performance and system information. Clicking it will give a result like Figure 2.
Figure 2: Detailed System Report
The report offers some high level, but useful, system information. Unfortunately the only way to save this information is to print it. That's why I like having a PDF printer so I can keep a digital record.
Back on the WinSAT page notice the link on the left side labeled Advanced Tools?
Figure 3: Advanced Tools
Let's check out a few of these goodies.
System Information with MSInfo32
In the Advanced Tools window, select 'View advanced system details in System Information.' In a moment you should get something like Figure 4.
Figure 4: System Information
The initial screen is a decent system summary. The left panel is a navigation menu of more detailed system information. You can retrieve information about all types of hardware components and configuration. Figure 5 shows the display information.
Figure 5: Display System Information
You can also view software and operating system information under Software Environment. For example, suppose I need to look at system drivers. Figure 6 shows just about everything I could possibly need.
Figure 6: System Driver Information
The System Information tool has a search feature. You can search the entire report or a selected category.
Not only can you print from this tool, but you can also save the results to a System Information File (.nfo). This is a custom format tied to the System Information tool. What this means for you is that you can export system information to a file, and open the saved file. There is also an option to export the information to a text file if that format better suits your needs.
But this tool gets better. Under View, there is an option to connect to a remote computer. Or you can use the Ctrl+R shortcut. Enter a remote computer name when prompted and you'll get a system information report for that computer as well. As long as WMI is working and you have network connectivity, you can connect to a remote machine and gather all sorts of information that might help you troubleshoot a problem.
System Information can be launched from the command line or Start Run with the msinfo32 command. You can even specify a remote computer to connect to.
Msinfo32 /computer server01
If you omit the /computer parameter you'll get the local computer. I also like that I can create .nfo reports from the command line.
Msinfo32 /computer server01 /nfo c:\work\server01-sysinfo.nfo
It might take a minute or two for the file to be saved so don't worry if you don't see it immediately. If you prefer a text file report use the /report parameter instead of /nfo and specify a text file/
System Health Report
Another report I expect you'll find helpful is also on the Advanced Tools screen is 'Generate a system health report'. Windows will take a few minutes to collect performance and system information as shown in Figure 7.
Figure 7: System Health Report
The report is organized into collapsible sets that can reveal some amazing information. Consider the results in Figure 8.
Figure 8: Detailed Health Report
I can see which files are causing the most disk I/O as well as associated processes.
You can print this entire report or you can save it as an HTML file, complete with collapsible sections. The downside to this tool is that there is no provision to report on remote computers. To accomplish that on our own we need to turn to Windows PowerShell.
Unlike the days of VBScript, working with WMI and system information is much easier in PowerShell and we don't need any scripting. Instead we call cmdlets in pipelined expression to retrieve the information we need. Many cmdlets support connecting to one or more remote computers, even without PowerShell 2.0 remoting. Look for the -Computername parameter. But if you need to manage a large number of remote systems, I think you'll find PowerShell remoting invaluable, especially when combing with background jobs. But for the sake of this article, I'll keep it simple.
Let's say you are troubleshooting a problem and you suspect some process is consuming too much system resources. The Get-Process cmdlet will provide all the information you need and PowerShell makes it a breeze to whittle it down. In this example I'm getting all processes sorted by WorkingSet in descending order and only viewing the first 5 in the list.
PS C:\> get-process | sort workingset -descending | select -first 5 Handles' NPM(K)''' PM(K)''''' WS(K) VM(M)'' CPU(s)'''' Id ProcessName -------' ------''' -----''''' ----- -----'' ------'''' -- ----------- 576''''' 30'' 151320'''' 147224'' 307'' 174.52'' 1128 svchost 537''''' 31'' 135836'''' 143252'' 593'''' 7.39'' 6792 powershell 505''''' 89''' 43012'''' 137208'' 343'' 214.59'' 4996 SnagitEditor 632''''' 68''' 64412'''' 119960'' 489'' 107.70'' 7052 WINWORD 1100''''' 71''' 81856''''' 93056'' 399'' 191.79''' 200 explorer
These are the top 5 processes then using the most memory.
Sometimes the information you need is the state of a particular service. The Get-Service cmdlet works both locally and remotely.
PS C:\> get-service wsearch Status'' Name'''''''''''''' DisplayName ------'' ----'''''''''''''' ----------- Running' wsearch''''''''''' Windows Search
This is the status on the local computer, but I could have used 'computername to specify one or more remote computers.
Sometimes the detailed system information you need comes from a performance counter. In PowerShell 2.0 we can use Get-Counter.
PS C:\> get-counter
Without any parameters, you get a default set of performance data. I don't have space here to really discuss this cmdlet but once you discover what counters you can use, they are easily retrieved.
PS C:\> get-counter -Counter "\memory\available mbytes","\memory\pool paged bytes" Timestamp'''''''''''''''' CounterSamples ---------'''''''''''''''' -------------- 11/24/2010 9:25:11 PM'''' \\serenity\memory\available mbytes : 6131 \\serenity\memory\pool paged bytes : 405450752
But the real workhorse of system information in PowerShell is Get-WMIObject. You have to know a few WMI classes, but I can help you there if this is totally new to you. At its most basic, all you need to do is call Get-WMIObject and specify a class. PowerShell will handle the rest.
PS C:\> get-wmiobject win32_computersystem -ComputerName Serenity Domain''''''''''''' : WORKGROUP Manufacturer''''''' : TOSHIBA Model'''''''''''''' : Qosmio X505 Name''''''''''''''' : SERENITY PrimaryOwnerName''' : Jeffery Hicks TotalPhysicalMemory : 8577855488
There is actually more information to this class than what is displayed. Here's a handy trick to see all the properties. Pipe any WMI expression to Select *.
PS C:\> get-wmiobject win32_computersystem -ComputerName Serenity | Select *
Typically you can ignore any property that starts with a double underscore, like _CLASS. These are system properties you rarely need to use. But everything else is fair game. Once you know the property names, select them.
PS C:\> get-wmiobject win32_computersystem -ComputerName Serenity | select Manufacturer,Model,SystemType,Number*,TotalPhysicalMemory Manufacturer''''''''''''' : TOSHIBA Model'''''''''''''''''''' : Qosmio X505 SystemType''''''''''''''' : x64-based PC NumberOfLogicalProcessors : 8 NumberOfProcessors''''''' : 1 TotalPhysicalMemory'''''' : 8577855488
Another useful class is Win32_Operatingsystem. I'll let you explore it in more detail but here's one way you might want to use it.
PS C:\> get-wmiobject win32_operatingsystem | select CSName,*memory* CSName'''''''''''''''' : SERENITY FreePhysicalMemory'''' : 6230016 FreeVirtualMemory''''' : 13620168 MaxProcessMemorySize'' : 8589934464 TotalVirtualMemorySize : 16751724 TotalVisibleMemorySize : 8376812
What's great about PowerShell is that if you can do something for one computer you can do it for 10 or 100. Create text file of computer names with one name per line. Use PowerShell to 'read' the text file. Here's the same command but executed against a list of computers.
PS C:\> get-wmiobject win32_operatingsystem 'computername (Get-Content c:\work\computers.txt) | select CSName,*memory* | Export-CSV 'path c:\work\osmemory.csv -notypeinformation
Not only will I get the memory information I want for all the computers, but I've saved the results to a CSV file I can open in Microsoft Excel for further study.
Here are some other WMI classes I think you'll find useful in gathering detailed system information.
With experience you'll be able to discover all types of system information with these and other WMI classes. Of course, the more PowerShell and WMI you know, the further you can take this
Plenty of Tools
Windows 7 offers a number of tools for gathering system information for not only the local computer, but remote systems as well. Which tool you use is a matter of comfort, preference and to some degree the information you are after. I encourage you to build a baseline library of system and performance information using MSInfo32.exe. Then when something goes wrong you have something to refer back to and hopefully you can identify what things have changed.
PowerShell offers a lot of flexibility and naturally lends itself to automation through scripting. Although everything I showed you didn't require a single script.
For small to mid-size shops I think you can accomplish quite a bit with these tools. Especially when managing multiple remote computers. But if you aren't comfortable, have firewall issues outside of your control or need to scale, then there's nothing wrong in investigating 3rd party alternatives from Microsoft and other vendors.