Jul 3, 2015
86 Views

ReportQueue folder too big – is it safe to delete?

Written by

We have noticed extremely large folder on our server. It happens that Error logs are kept there.

Folder is here:
c:\users\%username%\appdata\local\Microsoft\Windows\WER\ReportQueue

We have deleted its content completely and we also disabled Error logging. In order to do this you need to change group policy (as administrator):

  1. Start gpedit.msc to open the group policy editor
  2. Browse to computer settings/administrative templates/windows components/windows error reporting.
  3. On the right hand side there will be a “Disable windows error reporting” setting that you can flip on to disable things altogether

If you want to take a look at one of the erorr dumps the easiest way to do this is through the windows debuggers:

  1. Install the windows debuggers from http://www.microsoft.com/whdc/devtools/debugging/default.mspx
  2. Make sure the debugger machine has internet access, and copy one of the .hdmps across to it.
  3. Run windbg.exe -z foo.hdmp to open up the dump in the gui debugger
  4. From the command window that comes up type:
    • symfix c:\cache   – this fixes up the symbol paths so we can resolve stacks
    • reload -f ntdll.dll  – this loads symbols for one of the core os dlls and validates that we can do basic analysis
    • analyze -v     – this analyzes the dump and should give root cause analysis including the stack back trace from the crash etc.

Article Tags:
· · · · · · · · · · · · · · · · · · · · · · ·
Article Categories:
IT & Network
    http://linholiver.com

    https://linholiver.com/diary/about/