Must gather for Windows S-TAP and other Windows agents

Learn how to run the diag.bat to produce numerous statistics that help Guardium with diagnostics. Must gather has two options: S-TAP mode for S-TAPs and Standalone mode for other agents that are installed on the database server.Learn about the Pre-Kernel dump verification utility for Windows S-TAP.

S-TAP mode

Run diag.bat with any of:
  • Log in to the database server. From the Windows Start menu, go to IBM Windows S-TAP > Run Diagnostics.
  • Log in to the database server. Open the Windows Command Prompt as Administrator. Change the directory to %WINSTAP_DIR%\bin (for example C:\Program Files\IBM\Windows S-TAP\bin). Run diag.bat
  • In the S-TAP® Control page: Under the specific S-TAP, click send command. In the S-TAP Commands window, select the command STAP logging, check Run Diagnostics, then click Apply. The logs are listed in the Support Information Gathering Results.

When you run diag.bat as a command prompt, it has a number of command options: diag.bat [h][v][s][k]

You can specify only one option each time you run the command. For example:
diag.bat h
diag.bat help
Command option Description
-h, -help Display help
-v, -version Display the version.
-q, -quick Quickly return with simple diagnostics such as diag.bat version, OS version, installed agents with the version and installed directory. These are displayed to the console and quickly complete the diag. Typical output is:
IBM Windows GIM is installed.
  Directory: "C:\Program Files (x86)\Guardium\Guardium Installation Manager"
IBM Windows S-TAP is installed.
  Directory: "C:\Program Files\IBM\Windows S-TAP"
IBM Windows GAM is installed.
  Directory: "C:\Program Files\IBM\Guardium Agent Monitor"
IBM Windows FAM is installed
  Directory: "C:\Program Files\IBM\Windows Fam Monitor"
IBM Windows CAS is not installed.
IBM FDEC for SP is not installed.
IBM FDEC for NAS is not installed.
IBM FAM for SP is not installed.
IBM FAM for NAS is not installed
-k, -keep Keep all files in the ZIP_SOURCE_DIR after the files are zipped. This is useful if you want to review the files on database DB server without unzipping the zip file. If this option is not specified, all files copied from Guardium folders are removed from the diag folder after the zip is created.
  • ZIP_SOURCE_DIR for standalone: ~\diag
The output of diag.bat is a compressed file. You can access it:
  • In the folder %WINSTAP%\bin\zipTmp on the DB server with a name in the format
  • From the Guardium Support Information Gathering Results page.
The compressed file contains numerous files in a few sections:
  • root directory of the compressed file: driver logs and environmental details
  • install: Installer logs
  • diag: environment details and must gather
  • ini: guard_tap.ini
These folders display when the product is installed in the database server:
  • Guardium Installation Manager: GIM configuration and log files
  • Guardium Agent Monitor: GAM configuration and log files
  • Windows Fam Monitor: FAM configuration and log files
  • CAS: CAS configuration and log files
  • FAMforSP
  • FAMforNAS
  • FDECforNAS
  • FDECforSP
When you run diag.bat, it creates a log of the process: diag.log. The log files contain the log level (Information, Warning, Error), timestamp, and details of activities. This log can help you if diag.bat did not run successfully. It is included in the diagnostics file.

Standalone Must Gather

In Standalone mode you can run the Must Gather (diag.bat) script for any installed Guardium Windows agent: GIM, GAM, FAM monitor, FDEC for SP, FDEC for NAS, FAM for SP, FAM for NAS. You can run it from any folder, for example, C:\tmp.

To run diag.bat, open the Windows Command Prompt as Administrator, and run diag.bat. The output compressed file is generated in %PRODUCT_DIR%\Bin\zip\ The format of the compressed file name is GRD_WIN_%YYYY-MM-DD%T%HH-MM-SS-msec%%TZD%, where TZD is time zone difference. One compressed file is kept in the folder. Older compressed files are deleted automatically.

The Upload feature (controlled by the S-TAP parameter UPLOAD_FEATURE) does not support Standalone must gather.

The directory structure of the standalone must gather is:
  • The environment details are in the root directory of the compressed file.
  • Driver logs, ini, are under the Windows S-TAP folder.
  • Others are the same

If you run diag.bat but do not get results, and a warning message displays in ~\zip\GRD_WIN_DIAG_compress-archive_failed.txt, the powershell version is lower than V5.1. You can access the files under the \diag directory. If you can install Windows Management Framework (WMF) V5.1, then diag.bat can create the compressed file.

Tip: You can use the standalone mode to troubleshoot failed installations of Windows agents. For example, a Windows GIM installation failed, and nothing is copied to the database server. Copy diag.bat V2.1 from the Win GIM V11.3 installer and put it anywhere on the database server (for example C:\work\diag.bat). Open the Windows Command Prompt as Administrator and run C:work\diag.bat. This gathers the OS information, install logs, and other Guardium logs if they exist.

Pre-Kernel dump verification utility for Windows S-TAP

Run this utility before run a kernel dump to ensure that the dump can be created without problems.

Run the utility, SystemVerificationTool.exe, from its location in the S-TAP installed directory.

A window opens with the status, the configured dump type, the CPU size. and the free disk space. If the configuration is good for a kernel dump, the status is The system is correctly configured for a kernel dump. If the configuration is not good for a kernel dump, it informs you why.
Message What to do
Dump type is not configured as kernel type. Click the link and follow the procedure to change the dump type, then run the utility again.
There is only one CPU, generating a dump may lock up the CPU. Kernel dump is not recommended
Disk space is too low to handle the creation of the dump, generating a dump may lock up the CPU. Free up disk space and run the utility again. The utility requires the smaller of: one third of physical memory, or 10 GB.