您的位置：首页 > 职场人生

KB902093:如何阅读WUA客户端日志

2008-12-03 11:41 204 查看

Http://support.microsoft.com/kb/902093

WindowsUpdate的日志默认存放在c:\windows\windowsupdate.log里，他是我们进行排错的基本依据。

日志格式：
日志基本分为六个部分，例如

Date	Time	PID	TID	Component	Text
2005-06-01	18:30:03	992	810	Misc	=Logginginitialized
2005-06-01	18:30:03	992	810	Misc	=Process:
2005-06-01	18:30:03	992	810	Misc	=Module:

组件：
下面是可能写入的组件种类
AGENT-WindowsUpdateagent
AU-AutomaticUpdatesisperformingthistask
AUCLNT-InteractionbyAUwiththeloggedonuser
CDM-DeviceManager
CMPRESS-Compressionagent
COMAPI-WindowsUpdateAPI
DRIVER-Devicedriverinformation
DTASTOR-Handlesdatabasetransactions
DWNLDMGR-Createsandmonitorsdownloadjobs
EEHNDLER-Expressionhandlerusedtoevaluateupdateapplicability
HANDLER-Managestheupdateinstallers
MISC-Generalserviceinformation
OFFLSNC-Detectavailableupdateswhennotconnectedtothenetwork
PARSER-Parsesexpressioninformation
PT-Synchronizesupdatesinformationtothelocaldatastore
REPORT-Collectsreportinginformation
SERVICE-Startup/ShutdownoftheAutomaticUpdatesservice
SETUP-InstallsnewversionsoftheWindowsUpdateclientwhenavailable
SHUTDWN-Installatshutdownfeature
WUREDIR-TheWindowsUpdateredirectorfiles
WUWEB-TheWindowsUpdateActiveXcontrol

如何分辨Caller
打开日志，我们第一个需要找到出现问题的CallerID，也就是谁报告的错误。
例子1：

2005-06-01	18:30:33	992	58c	Agent	*************
2005-06-01	18:30:33	992	58c	Agent	**START**Agent:Findingupdates[CallerId=WindowsUpdate]
2005-06-01	18:30:33	992	58c	Agent	*********

例子2：

2005-06-22	13:02:11	1000	594	Agent	*************
2005-06-22	13:02:11	1000	594	Agent	**START**Agent:Findingupdates[CallerId=MicrosoftUpdate]
2005-06-22	13:02:11	1000	594	Agent	*********

例子3：

2005-06-02	11:37:18	992	4e8	Agent	*************
2005-06-02	11:37:18	992	4e8	Agent	**START**Agent:Findingupdates[CallerId=AutomaticUpdates]
2005-06-02	11:37:18	992	4e8	Agent	*********

三个CallerID都不相同，分别是WindowsUpdate、MicrosoftUpdate和AutomaticUpdates

基本设置
WindowsUpdate.log文件在自动更新服务启动时记录了基本的服务设置。第一部分包括下面:

Theclientversion客户端版本Thedirectorythatisbeingused正在使用的文件夹Theaccesstype接入类型Thedefaultproxy默认代理Thecurrentnetworkstate现在网络状况

注意：只有用proxycfg.exe配置了代理时，代理设置才会记录到WindowsUpdate.log里。

2005-06-01	18:30:03	992	810	Service	*************
2005-06-01	18:30:03	992	810	Service	**START**Service:Servicestartup
2005-06-01	18:30:03	992	810	Service	*********
2005-06-01	18:30:03	992	810	Agent	*WUclientversion5.8.0.2468
2005-06-01	18:30:03	992	810	Agent	*SusClientId='071ffd36-f490-4d63-87a7-f7b11866b9fb'
2005-06-01	18:30:03	992	810	Agent	*Basedirectory:C:\WINDOWS.0\SoftwareDistribution
2005-06-01	18:30:03	992	810	Agent	*Accesstype:Namedproxy
2005-06-01	18:30:03	992	810	Agent	*Defaultproxy:test:80
2005-06-01	18:30:03	992	810	Agent	*Networkstate:Connected
2005-06-01	18:30:03	992	7a0	Agent	***********Agent:InitializingWindowsUpdateAgent***********

接下来的部分则显示了WSUS服务器的相关信息，在这个例子中，由于还没有配置，所以都显示为NULL，如果配置好了，则会有相关信息。

2005-06-01	18:30:03	992	7a0	Agent	***********Agent:Initializingglobalsettingscache***********
2005-06-01	18:30:03	992	7a0	Agent	*WSUSserver:<NULL>
2005-06-01	18:30:03	992	7a0	Agent	*WSUSstatusserver:<NULL>
2005-06-01	18:30:03	992	7a0	Agent	*Targetgroup:(UnassignedComputers)
2005-06-01	18:30:03	992	7a0	Agent	*WindowsUpdateaccessdisabled:No
2005-06-01	18:30:04	992	7a0	DnldMgr	Downloadmanagerrestoring0downloads
2005-06-01	18:30:09	3948	918	Misc	===========Logginginitialized(build:5.8.0.2469,tz:-0700)===========
2005-06-01	18:30:09	3948	918	Misc	=Process:C:\ProgramFiles\InternetExplorer\iexplore.exe
2005-06-01	18:30:09	3948	918	Misc	=Module:C:\WINDOWS.0\system32\wuweb.dll

寻找日志里的错误信息
打开日志文件后，用查找功能搜索关键字FATAL和Warning

注意，所有的Warning都是严重的错误。从FATAL开始检查，确认你找到了所有的错误并纠正他们

常见错误举例

例：先查找FATAL，找到如下错误报告2005-06-02	04:32:01	992	158	Setup	FATAL:IsUpdateRequiredfailedwitherror0x80072eef

继续往下翻，我们看到WARNING部分

2005-06-02	04:32:01	992	158	Misc	WARNING:Sendfailedwithhr=80072eef.
2005-06-02	04:32:01	992	158	Misc	WARNING:SendRequestfailedwithhr=80072eef.ProxyListused:<Test:80>BypassListused:<(null)>AuthSchemesused:<NTLM;Negotiate(NTLMorKerberos);>
2005-06-02	04:32:01	992	158	Misc	WARNING:WinHttp:SendRequestUsingProxyfailedfor<http://update.microsoft.com/v6/windowsupdate/redir/wuredir.cab>.error0x80072eef
在这个例子中，代理服务器test并不可用，导致了错误的发生

WindowsUpdate.log的基本组成部分

1、服务启动

2005-06-01	18:30:03	992	810	Service	*************
2005-06-01	18:30:03	992	810	Service	**START**Service:Servicestartup
2005-06-01	18:30:03	992	810	Service	*********
2、WUA显示可用的参数

2005-06-01	18:30:03	992	810	Agent	*WUclientversion5.8.0.2468
2005-06-01	18:30:03	992	810	Agent	*SusClientId='071ffd36-f490-4d63-87a7-f7b11866b9fb'
2005-06-01	18:30:03	992	810	Agent	*Basedirectory:C:\WINDOWS.0\SoftwareDistribution
2005-06-01	18:30:03	992	810	Agent	*Accesstype:Namedproxy
2005-06-01	18:30:03	992	810	Agent	*Defaultproxy:test:80
2005-06-01	18:30:03	992	810	Agent	*Networkstate:Connected
2005-06-01	18:30:03	992	7a0	Agent	***********Agent:InitializingWindowsUpdateAgent***********
2005-06-01	18:30:03	992	7a0	Agent	***********Agent:Initializingglobalsettingscache***********
2005-06-01	18:30:03	992	7a0	Agent	*WSUSserver:<NULL>
2005-06-01	18:30:03	992	7a0	Agent	*WSUSstatusserver:<NULL>
2005-06-01	18:30:03	992	7a0	Agent	*Targetgroup:(UnassignedComputers)
3、用户通过IE登录WindowsUpdate并启动ActiveX控件

2005-06-01	18:30:09	3948	918	Misc	===========Logginginitialized(build:5.8.0.2469,tz:-0700)===========
2005-06-01	18:30:09	3948	918	Misc	=Process:C:\ProgramFiles\InternetExplorer\iexplore.exe
2005-06-01	18:30:09	3948	918	Misc	=Module:C:\WINDOWS.0\system32\wuweb.dll

4、安装组件检查WUA版本并确认是否需要升级

2005-06-01	18:30:09	3948	918	Setup	***********Setup:Checkingwhetherself-updateisrequired***********
2005-06-01	18:30:09	3948	918	Setup	*Inffile:C:\WINDOWS.0\SoftwareDistribution\WebSetup\wusetup.inf
2005-06-01	18:30:09	3948	918	Setup	UpdaterequiredforC:\WINDOWS.0\system32\cdm.dll:targetversion=5.8.0.2468,requiredversion=5.8.0.2468
2005-06-01	18:30:09	3948	918	Setup	*IsUpdateRequired=No

5、客户端点击快速安装或自定义安装，开始搜寻

2005-06-01	18:30:32	3948	918	COMAPI	-------------
2005-06-01	18:30:32	3948	918	COMAPI	--START--COMAPI:Search[ClientId=WindowsUpdate]
2005-06-01	18:30:32	3948	918	COMAPI	---------
2005-06-01	18:30:32	3948	918	COMAPI	-Online=Yes;Ignoredownloadpriority=No
2005-06-01	18:30:32	3948	918	COMAPI	-Criteria="IsInstalled=0andIsHidden=1"
2005-06-01	18:30:32	3948	918	COMAPI	-ServiceID={9482F4B4-E343-43B6-B170-9A65BC822C77}
注意：COMAPI提交搜索给客户端，因此第二部分是：

2005-06-01	18:30:33	3948	918	COMAPI	<<--SUBMITTED--COMAPI:Search[ClientId=WindowsUpdate]
2005-06-01	18:30:33	992	58c	Agent	*************
2005-06-01	18:30:33	992	58c	Agent	**START**Agent:Findingupdates[CallerId=WindowsUpdate]
2005-06-01	18:30:33	992	58c	Agent	*********6、同步本地数据库的补丁列表

2005-06-02	12:09:28	992	4e8	PT	+++++++++++PT:Synchronizingserverupdates+++++++++++
2005-06-02	12:09:28	992	4e8	PT	+ServiceId={9482F4B4-E343-43B6-B170-9A65BC822C77},ServerURL=https://update.microsoft.com/v6/ClientWebService/client.asmx
2005-06-02	12:09:35	992	4e8	PT	+++++++++++PT:Synchronizingextendedupdateinfo+++++++++++
2005-06-02	12:09:35	992	4e8	PT	+ServiceId={9482F4B4-E343-43B6-B170-9A65BC822C77},ServerURL=https://update.microsoft.com/v6/ClientWebService/client.asmx
2005-06-02	12:09:36	992	4e8	Agent	*Found0updatesand10categoriesinsearch
7、WUA搜索可用的补丁

2005-06-02	12:09:36	992	4e8	Agent	*************
2005-06-02	12:09:36	992	4e8	Agent	**START**Agent:Findingupdates[CallerId=WindowsUpdate]
2005-06-02	12:09:36	992	4e8	Agent	*********
2005-06-02	12:09:36	992	4e8	Agent	*Addedupdate{AC94DB3B-E1A8-4E92-9FD0-E86F355E6A44}.100tosearchresult
2005-06-02	12:09:37	992	4e8	Agent	*Found6updatesand10categoriesinsearch

8、用户得到了一个补丁并决定是否安装

2005-06-02	12:10:41	1660	d0c	COMAPI	-------------
2005-06-02	12:10:41	1660	d0c	COMAPI	--START--COMAPI:Install[ClientId=WindowsUpdate]
2005-06-02	12:10:41	1660	d0c	COMAPI	---------
2005-06-02	12:10:41	1660	d0c	COMAPI	-Allowsourceprompts:Yes;Forced:No;Forcequiet:No
2005-06-02	12:10:41	1660	d0c	COMAPI	-Updatesinrequest:1
2005-06-02	12:10:41	1660	d0c	COMAPI	-ServiceID={9482F4B4-E343-43B6-B170-9A65BC822C77}
2005-06-02	12:10:41	1660	d0c	COMAPI	-Updatestoinstall=1
2005-06-02	12:10:41	1660	d0c	COMAPI	<<--SUBMITTED--COMAPI:Install[ClientId=WindowsUpdate]
9、WUA开始安装补丁

2005-06-02	12:10:41	992	58c	Agent	*************
2005-06-02	12:10:41	992	58c	Agent	**START**Agent:Installingupdates[CallerId=WindowsUpdate]
2005-06-02	12:10:41	992	58c	Agent	*********
2005-06-02	12:10:41	992	58c	Agent	*Updatestoinstall=1
2005-06-02	12:10:41	992	58c	Agent	*Title=<NULL>
2005-06-02	12:10:41	992	58c	Agent	*UpdateId={19813D2E-0144-43CA-AEBB-71263DFD81FD}.100
2005-06-02	12:10:41	992	58c	Agent	*Bundles1updates:
2005-06-02	12:10:41	992	58c	Agent	*{08D9F87F-7EA2-4523-9F02-0931E291908E}.100
10、WUAcallstheappropriatehandlertoinstallthepackagebyimpersonatingtheuserwhoisloggedon

2005-06-02	12:10:46	992	58c	Handler	AttemptingtocreateremotehandlerprocessasMachine\Userinsession0
2005-06-02	12:10:46	992	58c	DnldMgr	Preparingupdateforinstall,updateId={08D9F87F-7EA2-4523-9F02-0931E291908E}.100.
2005-06-02	12:10:47	3348	70c	Handler	:::::::::::::
2005-06-02	12:10:47	3348	70c	Handler	::START::Handler:CommandLineInstall
2005-06-02	12:10:47	3348	70c	Handler	:::::::::
2005-06-02	12:10:47	3348	70c	Handler	:Updatestoinstall=1
2005-06-02	12:11:01	3348	70c	Handler	:Commandlineinstallcompleted.Returncode=0x00000000,Result=Succeeded,Rebootrequired=false

如何得到更详细的log？

修改注册表HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Trace
Valuename:Flags
Valuetype:REG_DWORD
Valuedata:00000007

Valuename:Level
Valuetype:REG_DWORD
Valuedata:00000004

内容来自用户分享和网络整理，不保证内容的准确性，如有侵权内容，可联系管理员处理

标签： 职场日志 wsus

相关文章推荐

新的分享

章节导航