Stack Overflow
Stack Overflow

Questions tagged [event-viewer]

Event Viewer - tool in Windows systems that allows users to inspect the event logs.

Event Viewer - tool in Windows systems that allows users to inspect the event logs.

353 questions
6
votes
2 answers

Windows Event Log, can you xpath filter for string NOT equal?

Is there a way to filter for events where a certain attribute is NOT the given string in Windows (Server 2016) Event Viewer's limited dialect of XPath? I'm trying to get a view on logon events, but only actual user logons (console and RDP). This is…
Luc VdV
  • 1,088
  • 9
  • 14
6
votes
0 answers

EventLog appender C# does not write in event log viewer

I need to make my C# application to write log in Windows Event viewer. I Used ,
Jeeva N
  • 431
  • 1
  • 5
  • 17
6
votes
2 answers

Use Event Log (Write in Event Viewer) in Azure

My website, written in ASP.NET and i used EventLog to write logs into the event viewer. It is already been running in the production (OS: Windows Server 2012 R2) and no problems encountered upon logging some errors. I am now planning to migrate the…
heyou
  • 315
  • 1
  • 7
  • 14
6
votes
2 answers

'Event viewer log files save as XML' saves only 305 records

I have 1450 event logs in my event viewer. When I filter it using dates, say from Aug 25 2014 to Aug 31 2014, it gets reduced to 774. When I try to save the log files as XML by selecting the 'Save event file as' and then selecting XML as file type,…
Tony Thomas
  • 61
  • 1
  • 2
5
votes
1 answer

IIS7 Failed Request Tracing Permissions

In the event viewer, around every 5 minutes I am getting the event described here: http://technet.microsoft.com/en-us/library/cc735145(WS.10).aspx "FailedRequestTracing module failed to create directory '%3'. No logs will be generated until this…
James R
  • 651
  • 1
  • 12
  • 21
5
votes
1 answer

What are the Schannel TLS fatal alert codes?

Where can I find a definition of the Windows Schannel fatal alerts codes that show up in Event Viewer? For instance: A fatal alert was received from the remote endpoint. The TLS protocol defined fatal alert code is 40. A fatal alert was generated…
JD Brennan
  • 992
  • 1
  • 10
  • 20
5
votes
1 answer

EventSource vs EventProvider

What are the main differences between the EventSource and EventProvider classes? I understand both classes to be an event provider for ETW. If there aren't key differences in the two then what are the pros and cons. I use the EventSource class…
FalacyNine
  • 129
  • 1
  • 6
5
votes
6 answers

powershell: get-winevent has no message data?

When I run the script below to retrieve log files, the get-winevent "message" field is blank, but has data if I run get-eventlog. Any ideas why? #has message data Get-Eventlog -LogName application -Newest 10 #date 10 days ago $EventStartDate =…
resolver101
  • 2,155
  • 11
  • 41
  • 53
4
votes
6 answers

Time when Windows 7 was started/booted

I want to check the operating system's start time. That is, for the last one month, the times when Windows was booted up. Is it possible to find this out?
Bhavik Ambani
  • 6,557
  • 14
  • 55
  • 86
4
votes
2 answers

Putting XML Data into the Windows Event Log

How can I write XML data into the Windows Event Log? I have noticed that there is a way to insert XML into the windows event log (and not by just stuffing it into the description). The effect is that you get just your description message in the…
JMarsch
  • 21,484
  • 15
  • 77
  • 125
4
votes
1 answer

Error: Unable to start a DCOM Server: Microsoft.Windows.Cortana

We customize Windows for a medical device. The Cortana was removed through the answer file,
Oleksandr
  • 81
  • 2
  • 12
4
votes
1 answer

How to write a custom event log by an already existing provider with PowerShell?

I am trying to find out the Name/Value mappings of the "State" data in the message of the 'Network Connected' event log: Path = Microsoft-Windows-NetworkProfile/Operational Source = NetworkProfile Event ID = 10000 So I figured I'll write a custom…
NadAlaba
  • 292
  • 3
  • 15
4
votes
2 answers

How to remove and create log in Windows Event Viewer

I have an app. I'm trying to write log in Windows Event Viewer when its crashing. I found Write to Windows Application Event Log and I'm using DispatcherUnhandledExceptionEventHandler for catching unhandled exception. I'm setting it in constructor…
Dilshod K
  • 2,924
  • 1
  • 13
  • 46
4
votes
1 answer

Selecting a sub-property in PowerShell

I have a long list of objects in PowerShell (more specifically, a list of Windows events from the Get-EventLog cmdlet) that I want to filter out to find who accessed my machine. I used the following: Get-EventLog -LogName Security -InstanceId 4672 |…
eden881
  • 164
  • 1
  • 8
4
votes
1 answer

WEVTUtil export certain event

I want to export only event id 4624 from Security Code below exports all event from security (i want only 4624); WEVTUtil query-events Security /rd:true /format:text > %~dp0Logins.txt /q:"4624" When all 4624 events exported i…
acid magic
  • 387
  • 1
  • 3
  • 10
1
2
3
23 24