Questions tagged [eventviewer]

This tag is for questions about Windows' Event Viewer. Event Viewer is where Windows stores logs generated by the Operating System and certain applications.

This tag is for questions about Windows' Event Viewer and Event Logs. Event Viewer is where Windows stores logs generated by the Operating System and certain applications.

Event Viewer has three primary logging areas:

Application
Security
System

Recent Versions of Windows (Vista and later / Server 2008 and later) have a large number of additional log areas.

Most Windows components (such as services) log to the System log, with notable exceptions being IIS and user-related operations (such as folder redirection at login) which log to the Application log. Programs that you write should log either to their own log areas or to the Application log. The Security log records successful and failed logins.

EventLog Windows Event - Why is event #6008 logged even after normal shutdown and restart?

I have been restarting and shutting down the machine through proper steps, ie, using start button, using command line and using Alt+F4. But, shut down event tracker is not logging any events. On windows start-up, EventLog is registering error #6008…

asked Oct 25 '18 at 07:20

Alok Bhat

vote

0 answers

Outlook on Terminalserver loses connection. Event ID 26

Problem Symptoms: Users experience daily disconnects and reconnects in Outlook running on a Terminal Server and have to log in again. They can not log in instantly but have to wait for approx. 1 minute. What i found out in the Event log: I realized…

exchange outlook terminal-server terminal eventviewer

asked Jun 25 '18 at 09:34

Faddi

vote

1 answer

Exporting Account Name, Domain & Timestamp from Security Auditing Event Log

I am currently exporting the last 7 days of Security microsoft windows security auditing logs via powershell to csv. It works, but with way to much detail, and also, not properly formatted. For instance, from the csv, the 'message' cell has this in…

windows powershell windows-server-2012 windows-event-log eventviewer

asked Apr 09 '18 at 08:47

SK2017

vote

1 answer

How to connect from command line to another computer with Event Viewer as another user?

I am trying to connect to another computer with Event Viewer from command line. And it can be done. However, I need to connect as another user (not my logged in user). Is there a way to do that?

windows windows-server-2016 windows-event-log eventviewer

asked Feb 28 '18 at 19:31

AngryHacker

2,877
6
32
33

vote

1 answer

Grant access to Event Viewer "Application and Services Logs" via GPO

My monitoring team has requested to be able to read the logs under "Application and Services" in 2008/2012/2016 event viewer. These are the logs that reside in "%SystemRoot%\System32\Winevt\Logs\". Specifically, they're interested in the…

windows active-directory group-policy windows-event-log eventviewer

asked Jan 25 '18 at 15:09

KiltedBuckeye

vote

0 answers

What is RDSAppXPlugin?

In windows 2012 event viewer in the "Applications and Services > Microsoft > Windows > TerminalSerices - LocalSessionManager > Operational" path I can see the following event: "Plugin RDSAppXPlugin has been successfully initialized" Any idea what is…

terminal eventviewer

asked Oct 16 '17 at 11:11

Amin

vote

2 answers

Adding an eventlog to an existing Windows Log

I have the following Event Log: This Event Log only appears inside Custom Views -> Server Roles -> Remote Desktop Services. What I'd like to do is add it to Windows Logs -> Security as I already have an agent that's crawling this folder. Is that…

windows-event-log eventviewer

asked Sep 13 '17 at 14:51

JustAGuy

vote

1 answer

Local PC Event Viewer not logging account creation/deletion

I have a GPO that is setting audit account management success/failure on a windows 7 workstation. RSOP User Acc is created Any idea what could be causing this issue with logging events?

windows-event-log user-accounts audit eventviewer accounts

asked Jul 17 '17 at 18:22

Kenta

vote

1 answer

How to log the events about the client boot from any live disks in windows server?

Are there any ways to find out whether any clients boot from a live disk for example Active Boot Disk? How to log that into windows server events log? Thanks in advanced. Server: Windows Server 2012. Clients' OS: Windows 7.

boot windows-event-log eventviewer window-server-2012

asked Mar 29 '17 at 06:53

Arani

vote

3 answers

WEF collect Windows Defender logs from clients on Windows Server 2012 R2

I'm trying to set up Windows Event Forwarding on a Windows 2012 R2 collector server. I was looking to collect events from Windows Defender, which comes by default on Windows 7 and 8 clients. I know that Windows Defender is not supported by Microsoft…

windows-server-2012-r2 powershell windows-event-log eventviewer

asked Mar 07 '17 at 14:34

frederict

vote

0 answers

Windows 2012 RDS Server logon causes Audit Failure 4625

We have a Windows 2012 R2 RDS server and a Windows 2008 R2 Domain Controller. Every time a user logs on or off of the RDS server, It logs event 4771 audit failure incorrect username or password for the machine account of the RDS server on the DC. …

windows-server-2008-r2 windows-server-2012-r2 eventviewer

asked Mar 06 '17 at 11:56

Craig Garnham

vote

1 answer

Did anyone get their Tandberg RDXmon service installed incorrectly or is it meant to be that way?

We have several "RDX" USB cartridge drives on customers' sites. Normally they don't log anything to the Windows event logs. This changes after you install the optional "RDX Tools". After the installation you start seeing entries in the "Application"…

windows-event-log eventviewer

asked Jan 30 '17 at 08:44

StackzOfZtuff

1,842
13
21

vote

1 answer

Windows Domain accounts gets locked without any failed logon events

I have a domain account which keeps getting locked without any prior wrong password login attempts: I.e (completely stripped off the details, just to give you an idea) 10:15:49 - logon successful 10:16:55 - logon failed (account locked) There's…

active-directory user-accounts eventviewer

asked Aug 30 '16 at 19:11

user2629636

vote

1 answer

Collecting 'Directory Service' Event Logs From A 2012R2 Domain Controller And Send To A 2012R2 Member Server

I have a couple Server 2012R2 domain controllers (we'll call them DC01 and DC02). I also have a Server 2012R2 member server (we'll call it COLLECTOR) that I'm going to use to collect certain event logs from various servers. I have setup the Event…

windows-server-2012-r2 windows-event-log eventviewer

asked Jul 18 '16 at 18:50

Mike

vote

1 answer

Archive Eventlog every x days

I have a large number of 2k12 r2 servers and I'd like to keep archives of their Eventlogs every 30 days. I was looking for a centralized solution, possibly a GPO. But from what I saw it's only possible to use Group Policy in order to either archive…

group-policy windows-event-log eventviewer wevtutil

asked Jun 22 '16 at 08:29

JustAGuy

Prev 1 2 3

…

13 14 Next