Downloading and Installing Notepad with XML Tools | notepad++ xml toolsnotepad++ xml tools
Applies To: Windows Server
["1142.66"]
XML Tools plugin for Notepad | notepad++ xml toolsSetup and Cossack Accident Accumulating is a new affection in Windows Server 2016 that allows you to baptize a "collector" computer that can accumulate a array of important contest that action on added computers aback they cossack or go through the bureaucracy process. You can afresh afterwards assay the calm contest with Accident Viewer, Message Analyzer, Wevtutil, or Windows PowerShell cmdlets.
Previously, these contest acquire been absurd to adviser because the basement bare to aggregate them doesn't abide until a computer is already set up. The kinds of bureaucracy and cossack contest you can adviser include:
Loading of atom modules and drivers
Enumeration of accessories and initialization of their drivers (including "devices" such as CPU type)
Verification and ascent of book systems
Starting of executable files
Starting and completions of arrangement updates
The credibility aback the arrangement becomes accessible for logon, establishes affiliation with a area controller, achievement of account starts, and availability of arrangement shares
The beneficiary computer charge be alive Windows Server 2016 (it can be in either Server with Desktop Experience or Server Core mode). The ambition computer charge be alive either Windows 10 or Windows Server 2016. You can additionally run this account on a basal apparatus which is hosted on a computer that is not alive Windows Server 2016. The afterward combinations of virtualized beneficiary and ambition computers are accustomed to work:
Starting with the Windows Server 2016, the accident beneficiary account is accessible as an alternative feature. In this release, you can install it application DISM.exe with this command at an animated Windows PowerShell prompt:
dism /online /enable-feature /featurename:SetupAndBootEventCollection
This command creates a account alleged BootEventCollector and starts it with an abandoned agreement file.
Confirm that the accession accomplish by blockage get-service -displayname *boot*. The Cossack Accident Beneficiary should be running. It runs beneath the Arrangement Account Account and creates an abandoned agreement book (Active.xml) in %SystemDrive%ProgramDataMicrosoftBootEventCollectorConfig.
You can additionally install the Bureaucracy and Cossack Accident Accumulating account with the Add Roles and Features astrologer in Server Manager.
You charge to configure two items to aggregate bureaucracy and cossack events.
On the ambition computers which will accelerate the contest (that is, the computers whose bureaucracy and cossack you appetite to monitor), accredit the KDNET/EVENT-NET carriage and accredit the forwarding of events.
On the beneficiary computer, specify which computers to acquire contest from and area to save them.
Note
You cannot configure a computer to accelerate the startup or cossack contest to itself. But if you appetite to adviser two computers, you can configure them to accelerate the contest to anniversary other.
On anniversary ambition computer, you aboriginal accredit the KDNET/EVENT-NET transport, afresh accredit sending of ETW contest through the transport, and afresh restart the ambition computer. EVENT-NET is an in-kernel carriage agreement which is agnate to KDNET (the atom debugger protocol). EVENT-NET alone transmits contest and doesn't acquiesce debugger access. These two protocols are mutually exclusive; you can alone accredit one of them at a time.
You can accredit accident carriage accidentally (with Windows PowerShell) or locally.
If you acquire already set up Windows PowerShell Remoting to the ambition computer, skip to Footfall 3. If not, afresh on the ambition computer, accessible a command alert and run the afterward command:
winrm quickconfig
Respond to the prompts and afresh restart the ambition computer. If the ambition computers are not in the aforementioned area as the beneficiary computer, you ability charge to ascertain them as trusted hosts. To do this:
On the beneficiary computer, run either of these commands:
In a Windows PowerShell prompt: Set-Item -Force WSMan:localhostClientTrustedHosts "<target1>,<target2>,...", followed by Set-Item -Force WSMan:localhostClientAllowUnencrypted accurate area <target1>, etc. are the names or IP addresses of the ambition computers.
Or in a command prompt: winrm set winrm/config/client @{TrustedHosts="<target1>,<target2>,...";AllowUnencrypted="true"}
Important
This sets up unencrypted communication, so don't do this alfresco of a lab environment.
Test the alien affiliation by activity to the beneficiary computer and alive one of these Windows PowerShell commands:
If the ambition computer is in the aforementioned area as the beneficiary computer, run New-PSSession -Computer <target> | Remove-PSSession
["1049.54"]
Can't find unclosed element in XML - Stack Overflow | notepad++ xml toolsIf the ambition computer is not in the aforementioned domain, run New-PSSession -Computer <target> -Credential Administrator | Remove-PSSession, which will alert you for credentials.
If the command doesn't acknowledgment anything, remoting was successful.
On the ambition computer, accessible an animated Windows PowerShell alert and run this command:
Enable-SbecBcd -ComputerName <target_name> -CollectorIP <ip> -CollectorPort <port> -Key <a.b.c.d>
Here <target_name> is the name of the ambition computer, <ip> is the IP abode of the beneficiary computer. <port> is the anchorage cardinal area the beneficiary will run. The Key <a.b.c.d> is a appropriate encryption key for the communication, complete four alphanumeric strings afar by dots. This aforementioned key is acclimated on the beneficiary computer. If you don't access a key, the arrangement generates a accidental key; you'll charge this for the beneficiary computer, so accomplish a agenda of it.
If you already acquire a beneficiary computer set up, amend the agreement book on the beneficiary computer with the advice for the new ambition computer. See the "Configuring the beneficiary computer" area for details.
Start an animated command prompt, and afresh run these commands:
bcdedit /event yes
bcdedit /eventsettings net hostip:1.2.3.4 port:50000 key:a.b.c.d
Here "1.2.3.4" is an example; alter this with the IP abode of the beneficiary computer. Additionally alter "50000" with the anchorage cardinal area the beneficiary will run and "a.b.c.d" with the appropriate encryption key for the communication. This aforementioned key is acclimated on the beneficiary computer. If you don't access a key, the arrangement generates a accidental key; you'll charge this for the beneficiary computer, so accomplish a agenda of it.
If you already acquire a beneficiary computer set up, amend the agreement book on the beneficiary computer with the advice for the new ambition computer. See the "Configuring the beneficiary computer" area for details.
Now that accident carriage itself is enabled, you charge accredit the arrangement to actually accelerate ETW contest through that transport.
On the beneficiary computer, accessible an animated Windows PowerShell prompt.
Run Enable-SbecAutologger -ComputerName <target_name>, area <target_name> is the name of the ambition computer.
If you aren't able to set up Windows PowerShell Remoting, you can consistently accredit sending of contest anon on the ambition computer.
On the ambition computer, alpha Regedit.exe and acquisition this anthology key:
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlWMIAutoLogger. Various log sessions are listed as sub-keys beneath this key. Bureaucracy Platform, NT Atom Logger, and Microsoft-Windows-Setup are accessible choices for use with Bureaucracy and Cossack Accident Collection, but the recommended advantage is EventLog-System. These keys are abundant in Configuring and Starting an AutoLogger Session.
In the EventLog-System key, change the bulk of LogFileMode from 0x10000180 to 0x10080180. For added advice about the capacity of these settings, see Logging Access Constants.
Optionally, you can additionally accredit forwarding of bug analysis abstracts to the beneficiary computer. To do this, acquisition the anthology key HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSession Manager and actualize the key Alter Print Filter with a bulk of 0x1.
Restart the ambition computer.
If the ambition computer has added than one arrangement adapter, the KDNET disciplinarian will accept the aboriginal accurate one listed. You can specify a accurate arrangement adapter to use for forwarding bureaucracy contest with these steps:
On the ambition computer, accessible Accessory Manager, aggrandize Arrangement Adapters, acquisition the arrangement adapter you appetite to use, and right-click it.
In the agenda that opens, bang Properties, and afresh bang the Capacity tab. Aggrandize the agenda in the Property field, annal to acquisition Location advice (the account is apparently not in alphabetical order), and afresh bang it. The bulk will be a cord of the anatomy PCI bus X, accessory Y, action Z. Accomplish agenda of X.Y.Z; these are the bus ambit you charge for the afterward command.
Run either one of these commands:
From an animated Windows PowerShell prompt: Enable-SbecBcd -ComputerName <target_name> -CollectorIP <ip> -CollectorPort <port> -Key <a.b.c.d> -BusParams <X.Y.Z>
From an animated command prompt: bcdedit /eventsettings net hostip:aaa port:50000 key:bbb busparams:X.Y.Z
To analysis settings on the ambition computer, accessible an animated command alert and run bcdedit /enum. Aback this is finished, afresh run bcdedit /eventsettings. You can double-check the afterward values:
Also analysis that you acquire enabled bcdedit /event, aback /debug and /event are mutually exclusive. You can alone run one or the other. Similarly, you can't mix /eventsettings with /debug or /dbgsettings with /event.
Note additionally that accident accumulating doesn't appointment if you set it to a consecutive port.
The beneficiary account receives the contest and saves them in ETL files. These ETL files can afresh be apprehend by added tools, such as Accident Viewer, Message Analyzer, Wevtutil, and Windows PowerShell cmdlets.
Since the ETW architecture doesn't acquiesce you to specify the ambition computer name, the contest for anniversary ambition computer charge be adored to a abstracted file. The affectation accoutrement ability appearance a computer name but it will be the name of the computer on which the apparatus runs.
["998.13"]
Notepad « Randy's Rants, Ravings and Reflections | notepad++ xml toolsMore exactly, anniversary ambition computer is assigned a arena of ETL files. Anniversary book name includes an basis from 000 to a best bulk that you configure (up to 999). Aback the book alcove the best configured size, it switches autograph contest to the abutting file. Afterwards the accomplished accessible book it switches aback to book basis 000. In this way, the files are automatically recycled, attached acceptance of deejay space. You can additionally set added alien assimilation behavior to added complete deejay usage; for example, you can annul files earlier than a set cardinal of days.
Collected ETL files are about kept in the agenda c:ProgramDataMicrosoftBootEventCollectorEtl (which ability acquire added subdirectories). You can acquisition the best contempo log book by allocation them by the aftermost modification time. There is additionally a cachet log (typically in c:ProgramDataMicrosoftBootEventCollectorLogs), which annal whenever the beneficiary switches autograph to a new file.
There is additionally a beneficiary log, which annal advice about the beneficiary itself. You can accumulate this log in the ETW architecture (in which contest are arise to the Windows log service; this is the default) or in a book (normally in c:ProgramDataMicrosoftBootEventCollectorLogs). Application a book could be advantageous if you appetite to accredit bombastic modes that aftermath a lot of data. You can additionally set the log to abode to a accustomed achievement by alive the beneficiary from the command line.
Creating the beneficiary agreement file
When you accredit the service, three XML agreement files are created and stored in c:ProgramDataMicrosoft BootEventCollectorConfig:
Active.xml This book contains the accustomed alive agreement of the beneficiary service. Appropriate afterwards installation, this book has the aforementioned capacity as Empty.xml. Aback you set a new beneficiary agreement you save it to this file.
Empty.xml This book contains the minimum agreement elements bare with their absence ethics set. It does not accredit any collection; it alone allows the beneficiary account to alpha in an abandoned mode.
Example.xml This book provides examples and explanations of the accessible agreement elements.
Choosing a book admeasurement limit
One of the decisions you acquire to accomplish is to set a book admeasurement limit. The best book admeasurement complete depends on the accustomed aggregate of contest and accessible deejay space. Smaller files are added acceptable from the standpoint of charwoman the old data. However, anniversary book carries with it the aerial of a 64KB attack and account abounding files to get the accumulated history ability be inconvenient.The complete minimum book admeasurement complete is 256 KB. A reasonable activated book admeasurement complete should be over 1 MB, and 10 MB is apparently a acceptable archetypal value. A college complete ability be reasonable if you apprehend abounding events.
There are several capacity to accumulate in apperception apropos the agreement file:
The ambition computer address. You can use its IPv4 address, a MAC address, or a SMBIOS GUID. Accumulate these factors in apperception aback allotment the abode to use:
The IPv4 abode works best with changeless appointment of the IP addresses. However, alike changeless IP addresses charge be accessible through DHCP.
A MAC abode or SMBIOS GUID is acceptable aback they are accustomed in beforehand but the IP addresses are assigned dynamically.
IPv6 addresses are not accurate by the EVENT-NET protocol.
It is accessible to specify assorted means to analyze the computer. For example, if the concrete accouterments is about to be replaced, you can access both the old and the new MAC addresses, and either will be accepted.
The encryption key acclimated for the advice with the beneficiary computer
The name of the ambition computer. You can use the IP address, host name, or any added name as the computer name.
The name of the ETL book to use and the arena admeasurement agreement for it
Open an animated Windows PowerShell alert and change directories to %SystemDrive%ProgramDataMicrosoftBootEventCollectorConfig.
Type block .newconfig.xml and columnist ENTER.
Copy this archetype agreement into the Block window:
Note
The basis bulge is <collector>. Its attributes specify the adaptation of the agreement book syntax and the name of the cachet log file.
The <common> aspect groups calm assorted targets allegorical the accepted agreement elements for them, actual abundant like a user accumulation can be acclimated to specify the accepted permissions for assorted users.
The <collectorport> aspect defines the UDP anchorage cardinal area the beneficiary will accept for admission data. This is the aforementioned anchorage as was authentic in the ambition agreement footfall for Bcdedit. The beneficiary supports alone one anchorage and all the targets charge affix to the aforementioned port.
The <forwarder> aspect specifies how ETW contest accustomed from the ambition computers will be forwarded. There is alone one blazon of forwarder, which writes them to the ETL files. The ambit specify the book name pattern, the admeasurement complete for anniversary book in the ring, and the admeasurement of the arena for anniversary computer. The ambience "toxml" specifies that the ETW contest will be accounting in the bifold anatomy as they were received, afterwards about-face to XML. See the "XML accident conversion" area for advice about chief whether to advise the contest to XML or not. The book name arrangement contains these substitutions: {computer} for the computer name and {#3} for the basis of book in the ring.
In this archetype file, two ambition computers are authentic with the <target> element. Anniversary analogue specifies the IP abode with <ipv4>, but you could additionally use the MAC abode (for example, <mac value="11:22:33:44:55:66"/> or <mac value="11-22-33-44-55-66"/>) or SMBIOS GUID (for example, <guid value="{269076F9-4B77-46E1-B03B-CA5003775B88}"/>) to analyze the ambition computer. Additionally agenda the encryption key (the aforementioned as was authentic or generated with Bcdedit on the ambition computer), and the computer name.
Enter the capacity for anniversary ambition computer as a abstracted <target> aspect in the agreement file, and afresh save Newconfig.xml and abutting Notepad.
Apply the new agreement with $result = (Get-Content .newconfig.xml | Set-SbecActiveConfig); $result. The achievement should acknowledgment with the Success acreage "true." If you get addition result, see the Troubleshooting area of this topic.
You can consistently analysis the accustomed alive agreement with (Get-SbecActiveConfig).text.
["624.68"]
Line break after each XML tag in Notepad | Technology | notepad++ xml toolsYou can accomplish a authority analysis on the agreement book with $result = (Get-Content .newconfig.xml | Check-SbecConfig); $result.
Though the Windows PowerShell command to administer a new agreement automatically updates the account afterwards acute you to restart it, you can consistently restart the account yourself with either of these commands:
The basal interface offered by Nano Server can sometimes accomplish it adamantine to analyze issues with it. You can configure your Nano Server angel to participate in Bureaucracy and Cossack Accident Accumulating automatically, sending analytic abstracts to a beneficiary computer afterwards added action from you. To do this, chase these steps:
Create your basal Nano Server image. See Getting Started with Nano Server for details.
Set up a beneficiary computer as in the "Configuring the beneficiary computer" area of this topic.
Add AutoLogger anthology keys to accredit sending analytic messages. To do this, you arise the Nano Server VHD created in Footfall 1, bulk the anthology hive, and afresh add assertive anthology keys. In this example, the Nano Server angel is in C:NanoServer; your aisle ability be different, so acclimatize the accomplish accordingly.
On the beneficiary computer, archetype the ..WindowsSystem32WindowsPowerShellv1.0ModulesBootEventCollector binder and adhesive it into the ..WindowsSystem32WindowsPowerShellv1.0Modules agenda on the computer you are application to adapt the Nano Server VHD.
Start a Windows PowerShell animate with animated permissions and run Import-Module BootEventCollector .
Update the Nano Server VHD anthology to accredit AutoLoggers. To do this, run Enable-SbecAutoLogger -Path C:NanoServerWorkloadsIncludingWorkloads.vhd. This adds a basal account of the best archetypal bureaucracy and cossack events; you can analysis others at Controlling Accident Tracing Sessions.
Update BCD settings in the Nano Server angel to accredit the Contest banderole and set the beneficiary computer to ensure analytic contest are beatific to the appropriate server. Agenda the beneficiary computer's IPv4 address, TCP port, and encryption key you configured in the collector's Active.XML book (described abroad in this topic). Use this command in a Windows PowerShell animate with animated permissions: Enable-SbecBcd -Path C:NanoServerWorkloadsIncludingWorkloads.vhd -CollectorIp 192.168.100.1 -CollectorPort 50000 -Key a.b.c.d
Update the beneficiary computer to accept accident beatific by the Nano Server computer by abacus either the IPv4 abode range, the specific IPv4 address, or the MAC abode of the Nano Server to the Active.XML book on the beneficiary computer (see the "Configuring the beneficiary computer" area of this topic).
Once a accurate agreement book is adored on the beneficiary computer and a ambition computer is configured, as anon as the ambition computer is restarted, the affiliation to the beneficiary is fabricated and contest will be collected.
The log for the beneficiary account itself (which is audible from the bureaucracy and cossack abstracts calm by the service) can be begin beneath Microsoft-Windows-BootEvent-Collector/Admin . For a graphical interface for the events, use Accident Viewer. Actualize a new view; aggrandize Applications and Services Logs, afresh aggrandize Microsoft and afresh Windows. Acquisition BootEvent-Collector, aggrandize it, and acquisition Admin.
Logging:The Beneficiary logs its own contest as ETW provider Microsoft-Windows-BootEvent-Collector. It's the aboriginal abode you should attending for troubleshooting problems with the collector. You can acquisition them in Accident Eyewitness beneath Applications and Services Logs > Microsoft > Windows > BootEvent-Collector > Admin, or you can apprehend them in a command window with either of these commands:
In an accustomed command prompt: wevtutil qe Microsoft-Windows-BootEvent-Collector/Admin
In a Windows PowerShell prompt: Get-WinEvent -LogName Microsoft-Windows-BootEvent-Collector/Admin (you can adjoin -Oldest to acknowledgment the account in archival adjustment with oldest contest first)
You can acclimatize the akin of detail in the logs from "error," through "warning," "info" (the default), "verbose," and "debug." Added abundant levels than "info" are advantageous for diagnosing problems with ambition computers not connecting, but they ability accomplish a ample bulk of data, so use them with care.
You set the minimum log akin in the <collector> aspect of the agreement file. For example: <collector configVersionMajor="1" minlog="verbose">.
The bombastic akin logs a almanac for every packet accustomed as it is processed. The alter akin adds added processing detail and depression the capacity of all accustomed ETW packets as well.
At the alter level, it ability be advantageous to abode the log into a book rather than aggravating to appearance it in the accepted logging system. To do this, add an added aspect in the <collector> aspect of the agreement file:
A appropriate access to troubleshooting the Collector:
Check whether any packets are accustomed at all. Optionally, you ability appetite to abode the log in bombastic access anon to a book rather than through ETW. To do this, add this to the <collector> aspect of the agreement file:<collector ... minlog="verbose" log="c:ProgramDataMicrosoftBootEventCollectorLogslog.txt">
Check the accident logs for any letters about the accustomed packets. Analysis whether any packets are accustomed at all. If the packets are accustomed but incorrect, analysis accident letters for details.
From the ambition side, KDNET writes some analytic advice into the registry. Attending inHKLMSYSTEMCurrentControlSetServiceskdnet for messages.KdInitStatus (DWORD) will = 0 on success and appearance an absurdity cipher on errorKdInitErrorString = account of the absurdity (also contains advisory letters if no error)
Run Ipconfig.exe on the ambition and analysis for the accessory name it reports. If KDNET loaded properly, the accessory name should be article like "kdnic" instead of the aboriginal vendor's agenda name.
Connection status
You can analysis the accustomed account of accustomed access and advice on area the abstracts is actuality forwarded with Get-SbecForwarding.
You can additionally get the contempo history of cachet changes in access with Get-SbecHistory.
If you activated the agreement with the Windows PowerShell command $result = (Get-Content .newconfig.xml | Set-SbecActiveConfig); $result, afresh the capricious $result will accommodate advice about the deployment. You can concern this capricious to get altered advice out of it:
Get advice about errors with $result.ErrorString. If any errors are arise here, the new agreement will not acquire been activated and the old agreement will be unchanged.
Get warnings with $result.WarningString.
["352.11"]
Notepad and the XML Tools plugin | Rhyous | notepad++ xml toolsGet advice on the capacity of the agreement with $result.InfoString.
You can get the complete aftereffect with $result | fl *.Alternately, if you don't appetite to save the aftereffect in a variable, you can use Get-Content .newconfig.xml | Set-SbecActiveConfig | fl *.
["813.83"]
When Others Then Null: Validate XML against an XSD using Notepad | notepad++ xml tools["562.6"]
Investigate current XML tools | notepad++ xml tools["388"]
Indent XML Formatting In Notepad - Code2Care | notepad++ xml tools["729.44"]
Download Free XML Notepad, XML Notepad 2007 Download | notepad++ xml tools["876.88"]
windows 7 - XML Tools Plugin for Notepad 7.4 - Super User | notepad++ xml tools