Cluster log in Windows Server 2008

In Windows 2003, The cluster log could be access from C:\Windows\Cluster\Cluster.log.

In Windows 2008, the logging architecture has been replaced with a event based tracing system.

The Vista\Windows Server 2008 Event Model is the next generation of Windows Event Logging and replaces the current version of the Event Log shipped in Microsoft® Windows® 2003 Server, Microsoft® Windows® XP, Windows 2000, and previous versions of Microsoft® Windows NT®.

The new model is a major update to the NT Event Log service. It maintains 100% backwards compatibility with the existing APIs and functionality and fully leverages the existing NT Event Log instrumentation in the applications and services. At the same time, it eliminates some of the limitations of the NT Event Log and provides additional features to better support monitoring and diagnostics of Windows applications, services, components, and drivers.

To extract the Cluster log in WIndows 2008, do the following:

1. Open Cmd Prompt

2. Type the following command

Cluster /Cluster:yourclustername log /gen


The cluster log will be available in C:\Windows\Cluster\Reports

To send to a specific directory, for example C:\temp do:

Cluster /Cluster:yourclustername log /gen /copy:"C:\temp"

Brilliant in depth article on the cluster log here –


Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s

%d bloggers like this: