Server Fault Stack Exchange
Server Fault Stack Exchange

Questions tagged [windows-event-log]

"Event log" usually refers to the system/server logs on Microsoft Windows machines.

"Event log" usually refers to the system/server logs on Microsoft Windows machines.

617 questions
5
votes
1 answer

I can't find information on 2012 R2 Event ID's 257, 258, 265 Win32K errors

2012 R2 as a Hyper-V host only Last night this machine began running very slowly. I shut down the VM's and then the host. That also took forever. When I restarted the vm host machine it operated properly. When I checked the vm host events I found…
Alan
  • 1,003
  • 2
  • 20
  • 36
5
votes
1 answer

Windows cannot access the file gpt.ini for GPO CN={31B2F340-016D-11D2-945F-00C04FB984F9}

I'm in the middle of a "swing" migration from Windows SBS 2003 to Server 2003 Standard. It's going okay so far but we're getting event 1058 on client machines: Windows cannot access the file gpt.ini for GPO…
tomfanning
  • 3,378
  • 7
  • 34
  • 34
5
votes
1 answer

vSphere/ESX How to log migration event to guest Windows OS

On a vSphere/ESX environment, how to write (automated) migration events to the eventlog into the hosted Windows VM that has been migrated? So that the hosted OS is aware of the migration event, and thus any resulting issues can be related to that…
SaintNick
  • 111
  • 2
  • 9
5
votes
3 answers

Event Viewer Warning: "Installation of the Proof of Purchase from the ACPI table failed. Error code: 0xC004F057"

I have Windows Server 2012 R2 Standard running on a Dell PowerEdge T320. The server is near one month in use as a domain controller. I've noticed this warning entry showing in the Application log since I first turned it on, even before I performed…
TheMessenger
  • 129
  • 1
  • 3
  • 12
5
votes
1 answer

How to delete event source windows 2008

I would like to delete an event source in windows 2008. I don't want to delete the log event, just the source. How do I do that? I don't find any command i PowerShell that does that. PS > gcm *EventLog -CommandType cmdlet CommandType Name …
Oualid
  • 163
  • 3
  • 6
5
votes
4 answers

how to open a saved eventlog file with display information

i saved an eventlog with display information on a computer. now i want to open this file on another computer with full event description. in my understanding this information should be saved in the LocalMetaData.mta file but i don't know how to use…
user1008764
  • 1,176
  • 2
  • 8
  • 12
5
votes
0 answers

Corrupt General Tab in Event Viewer

Whenever ASP.NET reports a dangerous query string value to the Application log and the request contains a certain combination of characters; the event viewer will not show the error information and only shows 1 or 2 special characters. Clicking…
W4keDotNet
  • 51
  • 2
5
votes
5 answers

Security Log in Event Viewer does not store IPs

I'd like to write a service that pulls Event Viewer records, specifically from the Security log. Of particular interest to me are things like event id 4625 (audit fail) messages. Ideally I'd like to store the IP of clients that cause audit fails…
kmarks2
  • 192
  • 1
  • 2
  • 12
5
votes
3 answers

How to export all System event logs of a definite time period

I am working on a Windows Server 2003 SP2 with Powershell v2, and I am looking for a way to export all System event logs of a definite time period, (say, from Saturday 2000 hours to Sunday 1100 hours). I can export all existing System logs using…
whizkid
  • 355
  • 1
  • 4
  • 16
5
votes
2 answers

Totally removing Windows Event Logs

I am developing an application that creates Windows event logs and writes to them. However, during development and testing, I created some event logs by mistake, with sources registered to them. The issue is that only the first 8 characters of the…
bzamfir
  • 367
  • 3
  • 9
5
votes
2 answers

Is it possible to grant Read-Only Access to all Event Logs on Domain Controllers

I would like to grant Read-Access to event logs on all my domain controllers, ideally at a domain level using GPO. I would like members of a group to be able to view the Application Log, the System Log, and several logs in "Application and Services…
Andy Schneider
  • 1,543
  • 5
  • 19
  • 28
5
votes
3 answers

What is fault bucket and should I care?

As part of our regular preventative maintenance, we check the event logs on the workstations in our network for serious issues (e.g. diskperf errors). Some workstations commonly have a critical error where the explanation is "Fault bucket" followed…
Scott
  • 1,173
  • 3
  • 13
  • 25
5
votes
1 answer

How do I fix a custom Event Viewer Log that merges automatically with the Application log?

I am trying to create a custom event log for a Windows Service on Windows Server 2003. I would like to name the custom log "(ML) Startup Commands". However, when I add a registry key with that name to…
NightOwl888
  • 281
  • 3
  • 13
5
votes
4 answers

How can I generate Windows Logs for testing purposes?

I'm trying to test some Splunk-y things with my Windows logs. But I want to be sure of the logs that are coming in so I can be sure I'm keeping and discarding logs properly. What I'm really looking for is something like the Windows (7, if…
thepocketwade
  • 1,545
  • 5
  • 17
  • 27
5
votes
2 answers

How can I ship Windows Server 2008 event logs to a syslog server?

In the past with Windows Server 2003 I was able to ship the event logs to a central network syslog server using evtsys (https://engineering.purdue.edu/ECN/Resources/Documents/UNIX/evtsys). It does not mention support for Server 2008 but does mention…
TrueDuality
  • 1,874
  • 5
  • 27
  • 37
1 2 3
41 42