I recently experimented an issue with our Azure server and could not see why this was happening so I decided to setup some Windows counters.
Logman is a counter engine for Windows computer which will help us for testing our performance (Network/Disk Usage/Caches & Memory).

1. Create the counter

Firstly let’s create the counter. This example below will capture everything we need for every seconds recorded.

Logman.exe create counter Perf-1Second -f bincirc -max 500 -c “\LogicalDisk(*)\*” “\Memory\*” “\Network Interface(*)\*” “\Paging File(*)\*” “\PhysicalDisk(*)\*” “\Server\*” “\System\*” “\Process(*)\*” “\Processor(*)\*” “\Cache\*” -si 00:00:01 -o C:\PerfMonLogs\Perf-1Second.blg

Notes:

-max: Allows to have a maximum size for a specific log
-c: Specify the path for the counter such as
“\LogicalDisk(*)\*”
“\Memory\*”
“\Network Interface(*)\*”
“\Paging File(*)\*”
“\PhysicalDisk(*)\*”
“\Server\*”
“\System\*”
“\Process(*)\*”
“\Processor(*)\*”
“\Cache\*”
-f: Specifies the log format for the data collector.
-si: mention the interval
-o: Output file

2. Start the counter

Once the counter is created it does not mean that it is running. We still need to send the start instruction.

Logman start Perf-1Second

3. Stop the counter

After 5-10 minutes we will stop recording as file is getting bigger and bigger. Let’s send stop instruction

Logman stop Perf-1Second

Let’s have a look a the capture now

In this demo case we can see some peak for the Network card (brown color).

We can imagine different scenario when computer is very slowing down and you are trying to understand what is the real cause of the problem. Well this is a pretty good starting point before even thinking about virus & protection.