How to collect application crash dumps from Windows 2008 Server and newer
Article ID: 162548
Updated On:
Products
Endpoint Protection
Issue/Introduction
Overview:
What happened to Dr. Watson in Windows 2008? Dr. Watson was replaced with Problem Reports and Solutions / Windows Error Reporting.
Troubleshooting:
During the course of troubleshooting, it might be necessary to analyze why a particular Symantec process has performed an Application Fault or crashed.
When an application produces a fault within Windows 2008 and newer, a .dmp file is not produced with the default Windows settings. You will need to configure the OS to produce and store .dmp files.
What happened to Dr. Watson in Windows 2008? Dr. Watson was replaced with Problem Reports and Solutions / Windows Error Reporting.
Troubleshooting:
During the course of troubleshooting, it might be necessary to analyze why a particular Symantec process has performed an Application Fault or crashed.
When an application produces a fault within Windows 2008 and newer, a .dmp file is not produced with the default Windows settings. You will need to configure the OS to produce and store .dmp files.
Resolution
Solution:
For Windows 2008 and newer, follow these steps as per this Microsoft Article: msdn.microsoft.com/en-us/library/bb787181(VS.85).aspx
1. Launch Regedit
2. Navigate into HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Windows Error Reporting
3. Create a new Key called LocalDumps
4. Select LocalDumps and create three new entries:
A. DumpFolder of type REG_EXPAND_SZ give it a path value of an existing folder where you want the crash dump files to appear when an event occurs.
B. DumpCount of type REG_DWORD give it a value of decimal 10
C. DumpType of type REG_DWORD give it a value of decimal 2
NOTE: No reboot is required to activate these keys.
Feedback
Yes
No
Powered by
