Questions tagged [windows-event-log]

"Event log" usually refers to the system/server logs on Microsoft Windows machines.

617 questions
0
votes
1 answer

What would initiate MariaDB to start to resolve IP addresses?

In my Windows Logs > Application I see these Warnings: IP address 'xxx.xxx.xxx.xxx' could not be resolved: No such host is known. The IP is unknown to me. These Warnings get logged as: Log Name: Application Source: MariaDB Event ID: 100 Level:…
MeSo2
0
votes
1 answer

Windows event forwarding HTTPS Setup

I successfully created a simple WEF setup between two domain servers (WS2019). It's all working great while it remains on the HTTP protocol. Once I try to take the leap to HTTPS, no more logs are going to the WEC server. I got certificates on both host…
Gorshok
0
votes
2 answers

How can I hide the "Actions" panel / tab / pane in Windows "Event Viewer"?

I want to get rid of the "Actions" panel in the Event Viewer. It doesn't help me. I've made it as small as possible but I just want to hide it.
mnemotronic
0
votes
0 answers

Windows Server 2012 R2, Kerberos: Should the SPN "host/localhost" exist?

I noticed that the eventlog "Microsoft-Windows-Security-Kerberos" is filled with the same entry around every minute (sometimes three times per minute, sometimes only after two or three minutes): Event ID: 100 Description (roughly translated from…
Larsen
0
votes
1 answer

Event ID 566 - Deleted Objects - Exchange Server

Getting a lot of these on one of the DCs security log: *Event Type: Failure Audit Event Source: Security Event Category: Directory Service Access Event ID: 566 Date: 27/01/2010 Time: 10:12:41 User: Domain\Exchangeserver$ Computer:…
Ethos
0
votes
1 answer

Get-EventLog -Log "Microsoft-Windows-Ntfs/Operational" fails with "does not exist"

I am making a script that pulls all non-empty logs and saves them as either evtx, csv, or xml. I have got the script working for the base logs (application, security, system, etc.), and those that have spaces. However, I keep getting errors with any…
0
votes
1 answer

WinRM throws Error Code 2, "Unable to check the status of the Firewall" despite EVERYTHING

I am trying to set up a source initiated event Subscription from a Windows 2019 server to a Windows 10 Client. I know that might sound backwards but I don't really have a choice for a variety of reasons. Both of these devices are domain joined, the…
0
votes
1 answer

How to download TMF files for tracefmt from Microsoft Symbol Server

The Windows Event Tracing framework (ETW) can be used to log a lot of information about the system internals. The tracefmt.exe tool that comes with Windows SDK can be used to convert the .etl log files into text. However, it requires .tmf message…
jpa
0
votes
1 answer

Network Threat Protection

Today, my Database server unexpectedly restarted. After checking it, I found that since the start of December, I was getting this event, Network Threat Protection Event. Here's the event Object detected. Object name: 64.76.157.3:51747 (different…
0
votes
1 answer

Windows System, Application logs vs. "Applications and Services" logs in Event Viewer

Do Error and Warning events from the Microsoft "Applications and Services Logs" get sent to the Windows Application and/or System logs? For example, if AppHost generated an Error event, would it show up in Application and/or System? Is there a…
0
votes
1 answer

EVENTID 4648. Mismatch, Subject (Standard User), CredentialsUsed (Admin), Target (Localhost)

In the Event ID 4648, the subject's Account Name is the "Standard user". But under the credentials used section, the account name is of the "Administrator" and the Target Server is "LocalHost" and Account Domain is same as well. How is this possible?…
0
votes
1 answer

Windows Event Forwarder for Workgroup Computers - Is it possible?

I have 2 Windows Server 2016 boxes (a forwarder and a collector). They are in the same subnet and both are workgroup. Unfortunately, these servers cannot be joined to any domain. Just as the title states. Is it possible for WEF to work on…
Nina G
0
votes
1 answer

Windows Event Forwarding, Source-Initiated By Way Of AD Security Group?

I'm setting up Windows Event Forwarding (WEF) utilizing a source initiated subscription type. In that source initiated subscription - select computer groups area I've successfully tested entering an individual PC. Additionally, if I enter Domain…
WindowsR1
0
votes
1 answer

Event 4656 on file server for files and folders not opened

Can someone explain why on the audit events of a file server there's plenty of 4656 events even if the file or folders have not directly been opened? For example, if you open the root directory H:, in the events there are lots of 4656 related to the…
-1
votes
2 answers

What are some benefits of clearing a Windows Event Log?

An admin on my network says he was troubleshooting an issue and had cleared the event logs. Is this a problem? What are some of the benefits of clearing the event viewer logs while troubleshooting software issue(s)?