Server Fault Stack Exchange
Server Fault Stack Exchange

Questions tagged [windows-event-log]

"Event log" usually refers to the system/server logs on Microsoft Windows machines.

"Event log" usually refers to the system/server logs on Microsoft Windows machines.

617 questions
0
votes
1 answer

EventID 333 in Windows Server 2003

Can somebody please let me know is there any problem that this error can cause if we don't apply any fix to it. Please let me know. Thanks!
user11470
  • 113
  • 1
0
votes
1 answer

Windows Event Log not showing log message content

Deploying new Windows Server 2022 VM. Our application - classic ISAPI with no managed code - writes events to the Application Event Log to track progress of certain processes, for debugging and troubleshooting purposes. Application Event log is…
ComeAndGo
  • 3
  • 2
0
votes
1 answer

Windows Network Setup Service (NetSetupSvc) starts and stops every few minutes, flooding System log

NetSetupSvc is a helper service for installing network drivers and managing low-level network settings. It is trigger-started via RPC and automatically stops after 3 seconds. During normal operation this service is never used. In my case it seems to…
theultramage
  • 413
  • 1
  • 5
  • 15
0
votes
0 answers

Windows Event Collector between workgroup

I configured a windows server 2016 in workgroup as windows event collector in "source computer initiated" mode. I added in the subscription configuration another windows server 2016, also in workgroup, as "non-domain computers". I generated the…
Luca Del Prete
  • 1
0
votes
0 answers

Logging hash of signed PowerShell-Scripts

I use signed PowerShell scripts within my infrastructure and log all PowerShell activity via Windows EventLog. Sadly it seem that windows does not log a hash or fingerprint of signed scripts or even any information about the status of a script as…
user1667906
  • 1
0
votes
0 answers

Can't get Winlogon automatic restart sign-on (ARSO) to work on a specific machine

I'm trying to get Windows ARSO to work on a machine but am unable to. (Windows 10 Pro 22H2) It runs on other machines just fine, but not this specific machine. I've read through and double checked the two group policy settings (and associated…
aggieNick02
  • 286
  • 2
  • 9
0
votes
1 answer

Hourly fatal windows alert

On one of my windows server 2012 R2 (going to upgrade), my event logger has been filled with Event ID 36887 A fatal alert was received from the remote endpoint. The TLS protocol defined fatal alert code is 40. with Source Schannel It occurs…
SILENT
  • 163
  • 1
  • 1
  • 9
0
votes
0 answers

Which process is writing to specific Event Viewer Log

I republished a Windows Service to change the name of the Event Viewer file it logs to. However it continues to use the old log. I see the new one listed under Applications and Services Logs however it is empty. I see the both the new one and the…
Adam
  • 1
0
votes
1 answer

Repeating entries in the event viewer

Running Windows Server 2019 standard in a four node cluster. In the event viewer -> windows logs -> Application there are repeating entries. The message is 'Windows Installer reconfigured the product.' followed by different application and…
pithhelmet
  • 202
  • 1
  • 9
0
votes
0 answers

Windows audit "Removable Storage" not generating an event for file deletion

I have a Windows 10 system on which I have enabled removable storage audits (via GPO: Computer Configuration -> Policies -> Windows Settings -> Security Settings -> Advanced Audit Policy Configuration -> Audit Policies -> Object Access -> Audit…
tjlds
  • 3
  • 2
0
votes
1 answer

How to register Ansible actions in Windows Event Log?

Ansible: 2.9 Windows: W2k16 Server I'm searching for a method to register (log) Ansible actions in remote Windows host. For example, when I work with win_command module for echo test command, I can't find lines referring to this action in Windows…
CH06
  • 13
  • 1
  • 5
0
votes
0 answers

Log Event ID to display time of first boot on a Windows Machine?

Say I factory reset a machine, or just installed Windows on it. Is there a way to use Get-WinEventLog to find a log message to indicate this is the first time since the installation of the OS that the machine booted? I want to prove that I factory…
leeand00
  • 4,869
  • 15
  • 69
  • 110
0
votes
1 answer

What controls the timing of the Windows Certificate Services event "Close to expiration" ID 1003?

I have a Windows Server which started logging this warning event 36/37 days before a certificate's expiry date and I would like to understand what controls/sets this timing and how it can be configured. The certificate in question was not…
bchen
  • 3
  • 2
0
votes
1 answer

How to catch item that triggers a trigger in Task Scheduler?

I want to write a powershell script that get executed whenever a new item/eventlog entry in the eventlog 'Microsoft-Windows-TerminalServices-Gateway/Operational' gets written. It is easy to create a scheduler task that triggers whenever a new…
Chris9834
  • 151
  • 1
  • 11
0
votes
1 answer

Write Windows Log entries to storage via Task scheduler job and powershell

i have created a task in Taskplaner that, whenever a new log-entry got created, it executes the following PS-script that should write the newly created eventlog-entry in a csv-file on storage. $date = Get-Date $pdate = Get-Date -UFormat…
Chris9834
  • 151
  • 1
  • 11
1 2 3
41 42