Home
  •  

Windows 8 Aggregate Memory Trends RAM

Microsoft.Windows.Client.Win8.ComputerGroup.MemoryTrendsRAM (Rule)

Knowledge Base article:

Summary

This rule raises an alert when there is an alarming trend in the increase of out of memory problems in machines with a given amount of installed RAM in the enterprise

Causes

Low Memory

Resolutions

The Memory Leak Diagnoser component of Windows Resource Exhaustion Detection and Resolution (RADAR) provides information about applications that are diagnosed as having memory leaks.

You must review these applications to determine if their linear increase in memory usage represents a true memory leak or if it is expected behavior.

Enable Memory Leak Diagnosis

To enable the Memory Leak Diagnosis:

Verify that the Memory Leak Diagnoser is enabled

To verify that the Memory Leak Diagnoser is enabled:

Element properties:

TargetMicrosoft.SystemCenter.DataWarehouse
CategoryEventCollection
EnabledTrue
Alert GenerateTrue
Alert SeverityWarning
Alert PriorityNormal
RemotableTrue
Alert Message
Windows 8 Computers with a certain amount of RAM in your enterprise suffered 20\% more memory exhaustion issues this week than last week
There has been a trend of increased memory exhaustion detected in computers with a certain amount of installed RAM. Please look at the Alert Context section to find out more about the computer type that is suffering. To get a bigger picture of the state of memory health and to get a list of the machines that are suffering, please view the Windows 8 Memory Health Report.

Member Modules:

ID Module Type TypeId RunAs 
DS DataSource Microsoft.Windows.Client.Win8.SQLProvider Default
GenerateAlert WriteAction System.Health.GenerateAlert Default

Source Code:

<Rule ID="Microsoft.Windows.Client.Win8.ComputerGroup.MemoryTrendsRAM" Target="SCDW!Microsoft.SystemCenter.DataWarehouse" Enabled="true" ConfirmDelivery="true" DiscardLevel="60" Remotable="true" Priority="Normal">

  <Category>EventCollection</Category>

  <DataSources>

    <DataSource ID="DS" TypeID="Microsoft.Windows.Client.Win8.SQLProvider">

      <Query>

                            SELECT 1, Result.RAM

                            FROM Win8.vWin8MemoryHealthAggregationRAM AS Result

                            WHERE (SELECT SUM(NumComputers)

                            FROM Win8.vWin8MemoryHealthAggregationRAM AS ThisWeek

                            WHERE ThisWeek.RAM = Result.RAM

                            AND DATEDIFF(day, ThisWeek.DateTime, GETUTCDATE()) &lt;= 7

                            GROUP BY ThisWeek.RAM

                            )

                            &gt;= 1.2 *

                            (SELECT SUM(NumComputers)

                            FROM Win8.vWin8MemoryHealthAggregationRAM AS LastWeek

                            WHERE LastWeek.RAM = Result.RAM

                            AND DATEDIFF(day, LastWeek.DateTime, GETUTCDATE()) &lt;= 14

                            AND DATEDIFF(day, LastWeek.DateTime, GETUTCDATE()) &gt; 7

                            GROUP BY LastWeek.RAM

                            )

                            GROUP BY Result.RAM

                        </Query>

    </DataSource>

  </DataSources>

  <WriteActions>

    <WriteAction ID="GenerateAlert" TypeID="SystemHealth!System.Health.GenerateAlert">

      <Priority>1</Priority>

      <Severity>1</Severity>

      <AlertMessageId>$MPElement[Name="Microsoft.Windows.Client.Win8.ComputerGroup.MemoryTrendsRAM.AlertMessage"]$</AlertMessageId>

      <AlertParameters/>

      <Suppression>

        <SuppressionValue/>

      </Suppression>

    </WriteAction>

  </WriteActions>

</Rule>