Monday 18 December 2017

Cluster: Troubleshooting an Issue Using Failover Cluster Manager Cluster Events

When we run into issues the first thing we can do is poll the nodes via the Cluster Events log in Failover Cluster Manager (FCM).

  1. Open Failover Cluster Manager
  2. Click on Cluster Events in the left hand column
  3. Click on Query
    • image
  4. Make sure the nodes are ticked in the Nodes: section
  5. In the Event Logs section:
    • Microsoft-Windows-Cluster*
    • Microsoft-Windows-FailoverClustering*
    • Microsoft-Windows-Hyper-V*
    • Microsoft-Windows-Network*
    • Microsoft-Windows-SMB*
    • Microsoft-Windows-Storage*
    • Microsoft-Windows-TCPIP*
    • Leave all defaults checked
    • OPTION: Hardware Events
  6. Critical, Error, Warning
  7. Events On
    • From: Events On: 2017-12-17 @ 0800
    • To: Events On: 2017-12-18 @ 2000
  8. Click OK
  9. Click Save Query As...
  10. Save it
    • Copy the resultant .XML file for use on other clusters
    • Edit the node value section to change the node designations or add more
  11. Click on Save Events As... in FCM to save the current list of events for further digging

Use the Open Query option to get to the query .XML and tweak the dates for the current date and time, add specific Event IDs that we are looking for, and then click OK.

We have FCM and Hyper-V RSAT installed on our cluster's physical DC by default.

Philip Elder
Microsoft High Availability MVP
MPECS Inc.
Co-Author: SBS 2008 Blueprint Book
Our Web Site
Our Cloud Service

Posted by Philip Elder Cluster MVP at 12:38
Labels: , , , , , ,

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)