Masterclass: Troubleshooting Windows Infrastructure – From Zero to Hero

Warsaw, Poland
June 11th – 15th, 2018

Inquire Now

Why are we doing this?

This is a deep dive course on infrastructure monitoring! We would like to say, “Finally!” It took a long time to prepare good examples, tools and scenarios for you! Regular monitoring ensures that you always have up-‐to-‐date knowledge about how particular components of your infrastructure operate. The most important thing in monitoring is to work out the baseline that can be a good reference to identify problems and to analyze some specific conditions of infrastructure components to operate.

 In a vast majority of cases operating system, troubleshooting involves monitoring, from analysis of the boot process to network performance or even particular processes. During the course, you will become familiar with great monitoring tools and their efficient usage and several techniques for monitoring infrastructure components and their particular working phases. 

The course covers the following operating systems: Windows 7, Windows 8/8.1, Windows Server 2008 R2, Windows Server 2012/R2.

Course Syllabus

Module 1

Becoming familiar with Tools

  • Performance Monitor, PAL, Process Monitor, Process Explorer, MPSReport, SPSReport, SPDisposeCheck, Dependency Walker, SQL Nexus, LogParser, Indihiang, PowerShell, Application Verifier, Logger/LogViewer, XPerf – Windows Performance Analyzer, PerfView – Low Level Profiler for .NET applications, DebugDiag – Debug Diagnostic, ProcDump, WinDbg, Netmon, Fiddler – HTTP Debugger Proxy, NP .NET Profiler and other useful ones!

Module 2

Operating system monitoring techniques

  • Monitoring system activities
  • Profiling system and application activities
  • Monitoring resource usage per process / thread / functions
  • Usage of default and custom symbols
  • Performance Monitor usage cases

Module 3

Memory Analysis techniques

  • Performing memory dumps
  • Support for very large heaps (gigabytes)
  • Snapshot diffing
  • Analysis of the dump files (.dmp)
  • Case study: solving problems with applications

Module 4

Advanced disk performance analysis

  • Within this module students will become familiar with disk performance monitoring – starting with RAIDs, ending up with cluster configuration techniques. For some server roles cluster size really matters, so that administrators can achieve the best performance in specific infrastructure configuration.

Module 5

Xperf and usage scenarios

  • Installing the Windows Performance Toolkit (WPRUI, WPR, Xperf)
  • WPR/Xperf: Capturing high CPU, disk I/O, file, registry, networking, memory bytes, paged pool/nonpaged pool and/or application slowness.
  • Slow Boot Slow Logon (SBSL) case
  • Solving problems with slow applications using custom symbols
  • Stack Walk

Module 6

Kernel Mode and User Mode monitoring techniques

  • From the continuity perspective blue screen is always an unpleasant experience. From the debugging perspective – we have just been protected from malicious things that could have happen to operating system integrity. Blue screen is positive in its own way – it helps to intricate who caused the problem, it needs to be analyzed though. Within this module students will become familiar with kernel mode and user mode techniques and tools.


Module 7

Network monitoring

  • Sniffing techniques
  • Monitoring network usage by processes
  • Monitoring network stack (stackwalk)
  • Solving problems with network
Inquire Now

Click here to browse the modules:



You should have good hands-on experience in administering Windows infrastructure with at least 8 years in the field.


You should have good understanding of how operating system works.


Ideally you should have read “Windows Internals” by Mark Russinovich book.