Highest Voted 'windows-event-log' Questions - Server Fault Stack Exchange

0

votes

0 answers

Windows Server 2008 HPC Edition is permanently logging Audit Success for RDP sessions

A Windows Server 2008 HPC Edition box is permanently logging Logon and Logoff tasks for the user who is connected to it via RDP every few seconds. Is there a way to just log the user initiated logon and logoff events? Typical Logoff events look…

windows-server-2008-r2 rdp windows-event-log

asked Sep 16 '15 at 06:02

p.vitzliputzli

101
2

0

votes

1 answer

AD log message showing E-mail of user object creation

I am referencing the active directory log message (4720) which shows 'User Principal Name' as an email address. However there is another email address found when viewing the actual User Object 'general' tab, which is not used for logging in. What…

windows-server-2008 logging users windows-event-log

asked Aug 24 '15 at 19:23

DDDD

101
1

0

votes

1 answer

How to access event logs in windows.old

I've had a Windows 2008 crash that required reinstall. The old installation is now in windows.old directory. How can I access those event logs to try figure out what happened?

windows-server-2008 windows-event-log

asked Oct 02 '09 at 07:45

vnuk

506
1
8
17

0

votes

1 answer

Event viewer missing logs following unexpected reboot

One of our Server 2012 boxes lost power unexpectedly recently. We're still not sure how it happened, but given its suddenness I suspect someone in the data centre tripped over a power cable. I went to the System logs in the Event Viewer to check the…

windows-server-2012 logging windows-event-log unexpected-shutdown

asked Jul 15 '15 at 09:18

Mourndark

159
3
14

0

votes

2 answers

Forwarding Application and Services Logs using nxlog

Using nxlog 'im_mseventlog' module I'm able to forward all Windows Logs (Application, Security, System... ) logs to the remote syslog server. But I'm not able to forward eventlogs present under 'Application and Service Logs -> Microsoft -> Windows…

windows-server-2008 syslog windows-event-log nxlog

asked Jul 09 '15 at 06:53

Arun

83
1
3
12

0

votes

0 answers

why is ip address sometimes missing from Security audit log Source Network address for log on audit failures?

Most of the time when someone who is not authorized attempts to log on to my Windows 2008 R2 web server, an ip address is displayed. With the ip address, i can easily block the external host from attempting to log on to my server by setting up a…

windows-server-2008 security ip-address windows-event-log audit

asked Jun 22 '15 at 17:18

gerryLowry

185
3
13

0

votes

0 answers

How to log changes made in a particular file to syslog

How to log changes made in a particular file using syslog-ng. The log must contain the timestamp, hostname, user who modified the file and action performed. Is there any option other than audit in Linux, as audit generates more data in the log. Can…

linux logging windows-event-log syslog-ng auditd

asked May 20 '15 at 05:00

Arun

83
1
3
12

0

votes

1 answer

How to redirect IIS logs to windows event logs in windows 7

I am using windows 7 OS with IIS 7.5 I need to redirect the IIS log files to the Windows Event Log. In IIS 8.5 there is an option to perform the above operation, but I require that to be done in IIS 7.5 Is there any option in IIS7.5 to redirect the…

windows iis-7.5 windows-event-log

asked May 07 '15 at 07:35

Arun

83
1
3
12

0

votes

1 answer

How to tell who made this change?

How do I tell who made the change in the following event log entry? What/who is Caller User Name? XXXXTE-MAIL (without the $) is the computer name of the domain controller. This entry is from the event log of this domain controller.

windows-event-log eventviewer

asked Apr 17 '15 at 10:14

Old Geezer

397
8
25

0

votes

1 answer

Do DFS logs contain folder permission changes?

I have a DFS server sharing files and want to see when an admin gave read/write/full control to a user in a DFS share. Is there any way I can view this? I have checked in C:\Windows\Debug but the log files don't seem to show any changes made to file…

logging log-files windows-event-log dfs dfs-r

asked Mar 25 '15 at 09:23

user3413818

3
2

0

votes

0 answers

EventLog Source "Connect". No events in EventLog

I'm baffled by this, as I can find no documentation on wether or not "Connect" or "Connection" is some kind of registered keyword for EventLog Sources. I'm trying to create an EventLog Source called either "Connect" or "Connection" through…

windows-server-2008-r2 powershell windows-event-log

asked Feb 09 '15 at 09:17

Alex Carlsen

101
2

0

votes

2 answers

How do I find the Orig lock Server info in LockoutStatus

I have a account which is keep locking out but this happens night time where we are not able to take logs or grab logs. So what I like to do is write a powershell script to take these logs for me. I'm using AL TOOLs. Within ALTools the is program…

windows-server-2008-r2 windows-event-log active-directory

asked Jan 27 '15 at 08:19

maj

5
1
8

0

votes

1 answer

Find IP of computers using AD account

I cant seem to find a log that contains the info I want in AD. I want to log logon events so I can see each user login and where it came from, similar to the information logged when a user provides a wrong password. In the end, I want to change…

active-directory windows-event-log

asked Jan 23 '15 at 16:03

michael.clyne

91
1
2
7

0

votes

1 answer

Special Logon in Vista

I looked at the System logs on my Vista machine. What is "Special Logon"? did an administrator log onto my PC?

windows-vista windows-event-log

asked Sep 17 '09 at 02:31

WeDoTDD.com

245
2
5
14

0

votes

1 answer

How to find out which admin made a change in Exchange 2010

If a mailbox limit is set, is it possible to find out when and who made the change, by searching through event logs, is there an event ID specific to this that can be searched for.

exchange-2010 windows-event-log

asked Jan 20 '15 at 08:15

JJJJNR

870
6
20
32

Questions tagged [windows-event-log]