AppPool User in Performance Log Group best practice report by SPDocKit determines whether the application pool user accounts have the required permissions on the system.
Issue description
This check determines whether the application pool user accounts have the required permissions on the system.
Explanation
To gather required performance counter metrics, an application pool account needs to be a member of the local Performance Log Users group.
Solution
Verify that the application pool account is a member of the local Performance Log Users group on all SharePoint servers. To do so, open Computer Management > System Tools > Local Users and Groups > Groups and double click the group Performance Log Users. If the application pool account is not a member of this group, add it to the group.
The following script checks the application pool accounts group memberships and reports accounts which are not members of required groups: