StorDiag.exe is a new command line for collecting storage and file system diagnostic logs that Microsoft quietly added to the Anniversary Update. It’s a system tool that is useful to collect and identify storage related issues to proactively prevent NTFS file system corruption from happening. On top of that, it can also run an ETW trace, check for the consistency of the NTFS file system.
The usage of the tool is easy. It goes something like this:
StorDiag [-collectEtw] [-checkFSConsistency] [-out <PATH>]
-collectEtw is to collect a 30-second long ETW trace if run from an elevated session.
-checkFSConsistency is to check the consistency of the NTFS system
-out <PATH> is to specify the output path where all the log files are saved.
Note that, if not specified, the log files will be saved to %TEMP%\StorDiag.zip file by default. For example, if you only run StorDiag.exe without any parameters, you will need to go to %TEMP% folder and open up the StorDiag.zip file to check out the result.
To get a thorough report, run the command with all the parameters in an elevated Command Prompt window. The following command runs a comprehensive diagnostic and saves a full report on my desktop.
StorDiag.exe -collectEtw -checkFSConsistency -out %userprofile%\desktop
The process could take a couple of minutes to finish, depending on the number of storage devices connected to the Windows 10 system. It will check all the drives for corruption using ChkDisk first, then collect a 30-second ETW trace, running a few tools in the background and logs their output.
Below is the list of log files StorDiag.exe generates. You can find all the files in the StorDiag.zip file in the path you specified in the command.
- CDROM.reg
- ChkDsk <drive-letter>.txt (each letter gets a separate file)
- DiskDrive.reg
- FileSystem.reg
- HDC.reg
- <DIR> LocaleMetaData
- Microsoft-Windows-DataIntegrityScan-Admin.evtx
- Microsoft-Windows-DataIntegrityScan-CrashRecovery.evtx
- Microsoft-Windows-DiskDiagnostic.evtx
- Microsoft-Windows-Ntfs.evtx
- Microsoft-Windows-Partition.evtx
- Microsoft-Windows-Storage-ATAPort.evtx
- Microsoft-Windows-Storage-ClassPnp.evtx
- Microsoft-Windows-Storage-Storport.evtx
- Microsoft-Windows-StorageManagement-Operational.evtx
- Microsoft-Windows-StorageSpaces-Driver-Diagnostic.evtx
- Microsoft-Windows-StorageSpaces-Driver-Operational.evtx
- Microsoft-Windows-StorageSpaces-SpaceManager-Operational.evtx
- Microsoft-Windows-Volume.evtx
- Microsoft-Windows-VolumeSnapshot-Driver.evtx
- perflog.etl
- PSLogs.txt
- SCSIAdapter.reg
- System.evtx
- VolMgr.reg
- VolSnap.reg
- Volume <drive-letter> Corruption.txt (each drive gets a separate file)
- Volume.reg
StorDiag.exe is a great tool for IT Pros to help their day to day work. Even though it doesn’t resolve any of the issues that it discovers, it provides a in-depth information where the issues are, greatly speed up the troubleshoot process.
‘StorDiag.exe’ is not recognized as an internal or external command…
I do believe I have all the updates ?!
The executable is in the c:\windows\system32 folder. Maybe check there to find out? What’s the version number on your system?
10586.545 build, nothing in the sys32 – I had two giant updates this month, but maybe they have another one ?
Yes, 10586 is still before the Anniversary Update.