Sunday, February 28, 2016

Get bulk server CPU, memory and disk usage using a PowerShell script


Input:

Save the list of servers in c:\servers.txt

Output:

Results will be saved at C:\new\report.csv


Powershell script
###############################################################

# Read the server list (one name per line) and query each host over WMI
GC C:\Servers.txt | % {
    $Comp = $_
    # Only query hosts that answer a ping
    If (Test-Connection $Comp -Quiet) {
        $Mem = GWMI -Class win32_operatingsystem -ComputerName $Comp
        New-Object PSObject -Property @{
            Server = $Comp
            # Average load across all processors
            "CPU usage" = "$((GWMI -ComputerName $Comp win32_processor | Measure-Object -Property LoadPercentage -Average).Average) %"
            # Used physical memory as a percentage of the total
            "Memory usage" = "$("{0:N2}" -f ((($Mem.TotalVisibleMemorySize - $Mem.FreePhysicalMemory)*100)/ $Mem.TotalVisibleMemorySize)) %"
            # Free space summed over all local fixed volumes (DriveType 3)
            "Total FreeSpace" = "$("{0:N2}" -f ((Get-WmiObject -Class win32_Volume -ComputerName $Comp -Filter "DriveType = '3'" | Measure-Object -Property FreeSpace -Sum).Sum /1GB)) GB"
        }
    }
    Else {
        # Unreachable host: emit a row with only the server name filled in
        "" | Select @{N="Server";E={$Comp}},"CPU usage","Memory usage","Total FreeSpace"
    }
} | Select Server,"CPU usage","Memory usage","Total FreeSpace" |
Export-Csv C:\new\report.csv -nti   # -nti = -NoTypeInformation; C:\new must already exist


#######################################################################

Friday, February 26, 2016

BSOD -due to Memory leak on 2008 SP2 - event id 2019

Event ID 2019: "The server was unable to allocate from the system nonpaged pool because the pool was empty" error on a Windows 2008 SP2 server.


Due to nonpaged pool memory exhaustion, the server went into an unresponsive state and a BSOD occurred.

Log Name: System
Source: Microsoft-Windows-Kernel-General
Date: 2/23/2016 4:44:12 PM
Event ID: 6
Task Category: None
Level: Error
Keywords:
User: SYSTEM
Computer: xxxxxxxxxxxxxxxxxxx
Description:
An I/O operation initiated by the Registry failed unrecoverably.The Registry could not flush hive (file): '\SystemRoot\System32\Config\SOFTWARE'.
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
<System>
<Provider Name="Microsoft-Windows-Kernel-General" Guid="{A68CA8B7-004F-D7B6-A698-07E2DE0F1F5D}" />
<EventID>6</EventID>
<Version>0</Version>
<Level>2</Level>
<Task>0</Task>
<Opcode>0</Opcode>
<Keywords>0x8000000000000000</Keywords>
<TimeCreated SystemTime="2016-02-23T15:44:12.475801500Z" />
<EventRecordID>497033</EventRecordID>
<Correlation />
<Execution ProcessID="4" ThreadID="84" />
<Channel>System</Channel>
<Computer>VM994702.perceptivecloud.com</Computer>
<Security UserID="S-1-5-18" />
</System>
<EventData>
<Data Name="FinalStatus">0xc000014d</Data>
<Data Name="ExtraStringLength">36</Data>
<Data Name="ExtraString">\SystemRoot\System32\Config\SOFTWARE</Data>
</EventData>
</Event>
 


################################################################################## 
Log Name: System
Source: srv
Date: 2/23/2016 5:00:37 PM
Event ID: 2019
Task Category: None
Level: Error
Keywords: Classic
User: N/A
Computer: xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
Description:
The server was unable to allocate from the system nonpaged pool because the pool was empty.
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
<System>
<Provider Name="srv" />
<EventID Qualifiers="49152">2019</EventID>
<Level>2</Level>
<Task>0</Task>
<Keywords>0x80000000000000</Keywords>
<TimeCreated SystemTime="2016-02-23T16:00:37.916596600Z" />
<EventRecordID>497268</EventRecordID>
<Channel>System</Channel>
<Computer>VM994702.perceptivecloud.com</Computer>
<Security />
</System>
<EventData>
<Data>\Device\LanmanServer</Data>
<Binary>0000040001002C0000000000E30700C0000000009A0000C00000000000000000000000000000000001000000</Binary>
</EventData>
</Event>
 

C:\Program Files (x86)\Windows Kits\8.1\Tools\x64
C:\Program Files (x86)\Windows Kits\8.1\Tools\x64\poolmon.exe

Poolmon Result:





The top line of the output shows that the tag “MFeB” has made 220286 allocations with no frees, resulting in 81065248 bytes of nonpaged pool use, by far the biggest consumer on the system. This looks like the likely cause of the memory leak.




mfehdisk.sys is associated with McAfee AV, and this is a known bug in McAfee antivirus with Patch 6.

Poolmon.exe also has a few command keys that sort the output for you. Press the letter indicated below to perform the operation. It takes a few seconds for each command to work. Here is a list of a few of the commands:
P - Sorts tag list by Paged, Non-Paged, or mixed. Note that P cycles through each one.
B - Sorts tags by max byte usage.
M - Sorts tags by max byte allocation.
T - Sort tags alphabetically by tag name.
E - Display Paged, Non-paged total across bottom. Cycles through.
A - Sorts tags by allocation size.
F - Sorts tags by "frees".
S - Sorts tags by the differences of allocs and frees.
Q - Quit.
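
A leaking tag shows up most clearly when two readings taken some time apart are compared. The following is an added example, not part of the original post: it parses two constructed poolmon-style listings (the column order is an assumption, and only the later MFeB figures come from the post) and ranks tags by growth.

```powershell
# Added example (not from the original post). Sample rows are constructed in an assumed
# column order: Tag Type Allocs Frees Diff Bytes. Only the MFeB "after" figures are from the post.
$before = @'
 Tag  Type     Allocs     Frees      Diff     Bytes
 MFeB Nonp     180102         0    180102  66277536
 File Nonp    5120033   5118901      1132    407520
'@
$after = @'
 Tag  Type     Allocs     Frees      Diff     Bytes
 MFeB Nonp     220286         0    220286  81065248
 File Nonp    5342210   5341100      1110    399600
'@

function ConvertFrom-PoolSnapshot {
    param([string]$Text)
    foreach ($line in $Text -split "`r?`n") {
        # Tag, pool type, then four integer columns; header and blank lines do not match
        if ($line -match '^\s*(\S{1,4})\s+(Nonp|Paged)\s+(\d+)\s+(\d+)\s+(\d+)\s+(\d+)') {
            New-Object PSObject -Property @{
                Tag = $Matches[1]; Type = $Matches[2]; Allocs = [long]$Matches[3]
                Frees = [long]$Matches[4]; Diff = [long]$Matches[5]; Bytes = [long]$Matches[6]
            }
        }
    }
}

function Compare-PoolSnapshot {
    param([string]$Before, [string]$After)
    # Pool tags are case sensitive, so use a case-sensitive table (@{} ignores case)
    $old = New-Object System.Collections.Hashtable
    ConvertFrom-PoolSnapshot $Before | ForEach-Object { $old["$($_.Tag)|$($_.Type)"] = $_ }
    ConvertFrom-PoolSnapshot $After | ForEach-Object {
        $prev = $old["$($_.Tag)|$($_.Type)"]
        if ($prev) {
            New-Object PSObject -Property @{
                Tag = $_.Tag; Type = $_.Type
                NewAllocs = $_.Allocs - $prev.Allocs; NewFrees = $_.Frees - $prev.Frees
                BytesGrowth = $_.Bytes - $prev.Bytes
            }
        }
    }
}

# Tags whose footprint grew while frees lagged behind allocations, largest growth first
Compare-PoolSnapshot $before $after |
    Where-Object { $_.BytesGrowth -gt 0 -and $_.NewFrees -lt $_.NewAllocs } |
    Sort-Object BytesGrowth -Descending |
    Select-Object Tag, Type, NewAllocs, NewFrees, BytesGrowth
```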



Environment

McAfee VirusScan Enterprise (VSE) 8.8 Patch 6

Summary

Non-page pool memory leak symptoms can manifest in numerous ways:
  • Bugchecks
  • System event 2019
  • RDP failures
  • Noticeable sluggish performance of the device
  • Monitoring memory and observing a climb in memory resource use that never releases
If you experience any of these symptoms after installing Patch 6, this article applies to you.

Problem

The MFeB (case sensitive) pool tag is observed to increase over time, and only when the Access Protection feature is enabled.

System Change

Recently installed VSE 8.8 with Patch 6, or upgraded to Patch 6.

Cause

A process information data structure that includes reference counting could leak memory, because the reference count is not always decremented later.

This particular pool tag leak could not be investigated through static analysis (from memory dump files generated when the pool usage was high), because the structure in question has no reference or traces for where the allocation originated.

Solution

This issue is planned for resolution in VSE 8.8 Patch 7, which is not currently released. This article will be updated when Patch 7 becomes available.

Workaround

Intel Security recommends that you reboot the affected system. If you are not able to reboot at this time, you can temporarily disable Access Protection, although this is not a best practice.









VirusScan Enterprise 8.8 Patch 6 Known Issues











Friday, February 19, 2016

How to install a patch through DISM command?



Mounting the WIM file:

Extract the Windows 7 OS file

Go to sources

Copy “Install.wim”

Paste it into C:\tempmount

Now go to a command prompt and mount the WIM file to c:\tempmount\mount
Note: the c:\tempmount\mount directory should be empty. If not, you will receive the error below.

Refer to the link below






C:\Windows\system32>dism /mount-wim /wimfile:c:\tempmount\install.wim /index:1 /mountdir:c:\temp

Deployment Image Servicing and Management tool
Version: 6.1.7600.16385


Error: 0xc1420114

The user attempted to mount to a directory that is not empty.  This is not supported.

The DISM log file can be found at C:\Windows\Logs\DISM\dism.log

C:\Windows\system32>dism /mount-wim /wimfile:c:\tempmount\install.wim /index:1 /mountdir:c:\tempmount\mount

Deployment Image Servicing and Management tool
Version: 6.1.7600.16385

Mounting image
 [==========================100.0%==========================]
The operation completed successfully.




Now, proceed with patch installation.

C:\Windows\system32>DISM /image:C:\TempMount\Mount /Add-Package /Packagepath:C:\Users\Trainer\Downloads\Programs

Deployment Image Servicing and Management tool
Version: 6.1.7600.16385

Image Version: 6.1.7600.16385

Processing 1 of 1 - Adding package C:\Users\Trainer\Downloads\Programs\Windows6.1-KB2716542-x64.msu

The operation completed successfully.

C:\Windows\system32>
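
The whole procedure as one script, as an added example that is not part of the original post. It uses the paths from the post, checks for the empty mount directory up front, and adds a final unmount step (commit on success, discard on failure) that the post does not show; the `Invoke-Dism` helper is a hypothetical name.

```powershell
# Added example (not from the original post). Run from an elevated prompt.
$wim      = 'C:\tempmount\install.wim'
$mountDir = 'C:\tempmount\mount'
$packages = 'C:\Users\Trainer\Downloads\Programs'   # folder holding the .msu files

function Invoke-Dism {
    # Hypothetical helper: run dism.exe with the given arguments, stop on a non-zero exit code
    & dism.exe @args
    if ($LASTEXITCODE -ne 0) {
        throw "dism $($args -join ' ') failed with exit code $LASTEXITCODE"
    }
}

# DISM refuses to mount into a non-empty directory (Error: 0xc1420114)
if (-not (Test-Path $mountDir)) {
    New-Item -ItemType Directory -Path $mountDir | Out-Null
}
if (Get-ChildItem -Path $mountDir -Force) {
    throw "$mountDir is not empty; choose an empty mount directory"
}

Invoke-Dism '/Mount-Wim' "/WimFile:$wim" '/Index:1' "/MountDir:$mountDir"

$ok = $false
try {
    # Add every package found in the folder, then list what the image now contains
    Invoke-Dism "/Image:$mountDir" '/Add-Package' "/PackagePath:$packages"
    Invoke-Dism "/Image:$mountDir" '/Get-Packages'
    $ok = $true
}
catch {
    Write-Warning "$_"
}

# Changes only reach install.wim when the image is unmounted with /Commit
if ($ok) {
    Invoke-Dism '/Unmount-Wim' "/MountDir:$mountDir" '/Commit'
}
else {
    Invoke-Dism '/Unmount-Wim' "/MountDir:$mountDir" '/Discard'
}
```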





Thursday, February 4, 2016

create a memory dump file without a page file in 2008 R2 server

https://support.microsoft.com/en-in/kb/2716542



A hotfix is available that enables a Windows 7-based or Windows Server 2008 R2-based computer to create a memory dump file without a page file

Wednesday, February 3, 2016

Analyzing disk performance by using Windows Performance Monitor (perfmon)


Examine disk statistics by using performance counters that are available in the Performance Monitor.
  1. Start Performance Monitor. From a command prompt, enter: perfmon.
  2. Create a Data Collector Set to collect data about disks. Select the following performance counters from the Physical Disk category:
    • Avg. Disk Sec./Transfer
    • Avg. Disk Queue Length
    • Avg. Disk Bytes/Transfer
    • Disk Bytes/sec
    • Split IO/sec
  3. Run the perfmon tool while you are experiencing the performance problem. Compare the results with the guidance in the following table.

    Performance counter                         Guidance
    ------------------------------------------  ------------------------------------------------------------
    Physical Disk: Avg. Disk Sec./Transfer      Values less than 25 ms are good.
    Physical Disk: Avg. Disk Queue Length       A value that is 2 or 3 times the number of disks in the array is optimal.
    Physical Disk: Avg. Disk Bytes/Transfer     The goal is that the stripe size for the array is at least the average of this counter.
    Physical Disk: Disk Bytes/sec               Optimal result is that the sum of values for all disks that are attached to a single controller is less than 70% of the theoretical throughput.
    Physical Disk: Split IO/sec                 A nonzero value for this counter indicates possible disk fragmentation.
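
The same counters can be sampled from PowerShell and checked against the table. This is an added example, not part of the original post; it covers the three rows that need no controller or stripe-size data, and `$DisksInArray` is an assumed value to adjust for your storage.

```powershell
# Added example (not from the original post). Counter names are the English ones;
# $DisksInArray is an assumption about the storage layout.
$DisksInArray = 4
$paths = '\PhysicalDisk(*)\Avg. Disk sec/Transfer',
         '\PhysicalDisk(*)\Avg. Disk Queue Length',
         '\PhysicalDisk(*)\Split IO/Sec'

# 12 samples, 5 seconds apart, taken while the performance problem is occurring
$samples = Get-Counter -Counter $paths -SampleInterval 5 -MaxSamples 12 |
    ForEach-Object { $_.CounterSamples } |
    Where-Object { $_.InstanceName -ne '_total' }

# Average each counter per disk and compare it with the guidance table
$samples | Group-Object Path | ForEach-Object {
    $avg = ($_.Group | Measure-Object -Property CookedValue -Average).Average
    $finding = switch -Wildcard ($_.Name) {
        # The counter reports seconds, so 25 ms is 0.025
        '*avg. disk sec/transfer' {
            if ($avg -ge 0.025) { 'latency is 25 ms or more' } else { 'ok' }
        }
        '*avg. disk queue length' {
            if ($avg -gt 3 * $DisksInArray) { 'queue above 3x the number of disks' } else { 'ok' }
        }
        '*split io/sec' {
            if ($avg -gt 0) { 'nonzero: possible disk fragmentation' } else { 'ok' }
        }
    }
    New-Object PSObject -Property @{
        Counter = $_.Name
        Average = [math]::Round($avg, 4)
        Finding = $finding
    }
} | Select-Object Counter, Average, Finding | Format-Table -AutoSize
```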