"Event log" usually refers to the system/server logs on Microsoft Windows machines.
"Event log" usually refers to the system/server logs on Microsoft Windows machines.
Questions tagged [windows-event-log]
617 questions
0
votes
0 answers
Windows Centralized Log Subscription
Does anyone know how to setup the windows Centralized log? because i've followed a bunch of tutorials and i can see the server in Runtime Status, but only the server hosting the centralized log sends log. All other don't appear and i've disabled…
Alex
- 131
- 1
- 11
0
votes
1 answer
auditpol starting infinite loop in command prompt
On our 3 Windows 2008 domain controllers, I have started to see a LOT of Audit Failure, Event 5159 errors.
I did some troubleshooting around the internet and found out that I should stop auditing a lot of this stuff. I tried creating a batchfile…
Chris
- 1
- 1
0
votes
2 answers
Do Windows Events from the Windows Event Log have sensitive information?
I'm looking to start a service where I collect Windows events from consumer computers over an SSL link (https) but I want to make sure that extremely sensitive information wouldn't be contained in the data (especially if a hacker got a hold of the…
Gabriel Graves
- 181
- 2
- 9
0
votes
1 answer
How to change logging details in W2008R2?
Is there a way to change what OS is logging in the Event Log?
For example I see "The system time has changed" events in numbers but I dont want them (I have time sync every too often and it is perfectly by design).
I dont want to stop time sync. I…
Boppity Bop
- 752
- 3
- 11
- 34
0
votes
2 answers
Server Hanging - Server Event Viewer
We are experiencing problems with our dedicated server, where it is hanging quite often (sometimes in the space after a few hours after a power cycle).
I've looked in the Events Viewer and under SYSTEM, there are thousands of events that have been…
MSchumacher
- 11
- 1
- 3
0
votes
3 answers
Cannot login SQL Server after changing machine name
After installing and setting up new machines in a domain, we decided to rename one of them which had a SQL Server instance installed. So I changed the hostname, everything went fine regarding the domain but now, the server is logging a…
Ucodia
- 89
- 1
- 2
- 12
0
votes
3 answers
Exchange 2010: Event id 9554 for deleted mailbox
I've deleted a mailbox and it's user in Exchange 2010. Now I'm getting the following warnings in the event log of the Exchange server:
Unable to update Mailbox SD in the DS. Mailbox Guid: a36def77-4743-471b-b67c-60a72f3f4f86. Error Code…
Mikael Grönfelt
- 677
- 3
- 7
- 14
0
votes
1 answer
Creating a custom view for windows log based on a "Contains {text}" rule
I have a server running Windows Server 2008.
I'm using Windows Server Auditing to check when and by which user a folder is modified to determine who is modifying it as the modifications are causing problems.
I can see the log of the audit when a…
jussinen
- 161
- 1
- 1
- 9
0
votes
1 answer
Trying to delete an object from the local group policy editor on a windows 2003 r2 member server in a domain
I've used this Serverfault Article in order to add additional event logs for some webservices to the local group policy on my interfaces server.
For 2 objects i added, i had a mistype and it created 2 logs (check the image) which are unusable and i…
Itai Ganot
- 10,644
- 29
- 93
- 146
0
votes
2 answers
How can I prevent cron from filling up my root partition?
I'm using cron tasks every 3 mins, the result is logged in my cron.log. Also after executing (wget) certain php file, it's name (with 0 bytes filesize) is copied to root, spaming it - see the figure
How can I prevent cron from filling up my root…
dr_darwin
- 1
- 1
0
votes
1 answer
Event Logs for Remote Share BruteForce
This command is used to access remote shares.
net use \10.31.247.2\share /user:admin password
Is there any way to detect(EventLogs/other tools) if someone is trying to BruteForce into a remote system using this method? A wrong password does not…
0
votes
1 answer
Apache/Server Logs help
I have this on my apache conf
ServerAdmin info@myweb.com
DocumentRoot /var/www/html/web
ServerName web.myweb.com
ErrorLog logs/index-error_log
CustomLog logs/index-access_log common
And now I have 500 error but I…
Jufer
- 3
- 2
0
votes
1 answer
Using the CheckEventLog module of NSClient++, how do I properly filter in two different eventTypes?
I'm having an odd amount of trouble deducing the proper syntax to "filter=in" two eventTypes, warning and error.
The line I am using is as follows:
CheckEventLog -a truncate=1023 MaxWarn=1 MaxCrit=1 file='DFS Replication' filter=in…
brandeded
- 1,845
- 8
- 32
- 50
0
votes
2 answers
Most efficient way to allow a specific user access to event log?
What is the most efficient way to allow a specific user access to event logs?
I have come across a method to enforce permissions using local security policy and group policy, but it seems overly complex.
Is there a facility that makes granting a…
brandeded
- 1,845
- 8
- 32
- 50
0
votes
2 answers
Track changes to Windows Update settings in registry
Is it possible to track down changes to the Windows Update settings in the event logs (Win2008 R2 Std)?
I tried filtering the System event log by Source = WindowsUpdateClient but this seems to list only actual Windows Update actions. I also tried…
Filburt
- 149
- 1
- 11