Questions tagged [event-viewer]
Windows Event Viewer is a utility that shows users logs of events generated by the Windows operating system, and applications/services running on Windows.
242
questions
0
votes
0
answers
34
views
Suddenly getting application instability after waking laptop from sleep mode
Last Tuesday, I put my laptop into sleep mode before a power outage occurred, and after the 7 hours of no power, I booted it back up to find it seemingly okay, but quickly discovered an issue after ...
- 3
1
vote
1
answer
86
views
Which user's app crashed in the Windows Event Logs?
I have an app that is crashing and leaving crash reports in the Windows Event Logs. They look something like this:
Is it possible to determine which user was running the app when it crashed? If not ...
- 717
0
votes
0
answers
75
views
Windows Security Event ID 4800 (lock screen) on Win 11 Pro for Workstations
I have a task that is triggered on PC1 whenever the user locks their computer. This works fine.
I just set it up the same on PC2, but the Event ID 4800 is not logged on this machine when the user ...
- 113
0
votes
1
answer
2k
views
windows 11 error The Secure Boot update failed
for some reason this error is constantly thrown and logged in the Windows Event Viewer:
The Secure Boot update failed to update a Secure Boot variable with error Secure Boot is not enabled on this ...
0
votes
0
answers
21
views
How to configure AlientVault OSSIM to collect Windows security event logs and send email
I'm completely new to AlienVault OSSIM and I want to start using OSSIM to collect Windows security events from domain controllers e.g. failed login attempts, bad password attempts, account lockouts, ...
- 101
0
votes
0
answers
102
views
Windows Event Viewer not Logging more than a day log - Application Logs
Application log is not retaining more than a day worth of logs. I have SQL Server 2019 installed and other DW application. I tried to restart the Windows event log service and also the server as well. ...
1
vote
0
answers
46
views
HyperV VM was stopped - How to find why and when in Windows Server event logs
Recently I keep finding a HyperV VM (the MSSP's vulnerability scanner) that is in the "Stopped" state when it shouldn't be and want to find the cause. I'm a support officer slowly ...
- 11
0
votes
0
answers
36
views
Windows Event IDs to Monitor Logins, Unlocks, Startups
I'm trying to query the Windows 11 event log for any use of a computer. I'm starting with someone getting access to the Windows UI, so I've tried this query I found somewhere on ServerFault, but the ...
- 2,651
0
votes
1
answer
641
views
Strange events in windows 10 event log regarding the Windows Modules installer service
I was just looking through my event viewer because I have a device that keeps disconnecting and reconnecting, so I was trying to find out if it was a software issue, or if maybe a wire in a USB cable ...
- 11
0
votes
1
answer
529
views
Windows 11 PC waking up from hibernation with unknown wake reason
This problem has been driving me mad for the past few months. Almost every time I put my computer into hibernation mode for the night it immediately boots back up. After a few times, it will ...
1
vote
0
answers
233
views
Filter Windows Event Viewer based on information inside the event itself
I have a large number of events like:
Category: Microsoft.EntityFrameworkCore.Database.Command
EventId: 20101
Executed DbCommand (2ms) [Parameters=[], CommandType='Text', CommandTimeout='30']
SELECT ...
0
votes
0
answers
43
views
Network adapter identification from WLAN disconnect event
Want to attach specific task to wifi adapter disconnect event, but need (just disconnected) adapter identification (name, guid, etc..). Unfortunatelly its not present in generated 4004 event. There ...
- 222
0
votes
1
answer
171
views
Is there a way to find out when my external hard drive was unplugged?
My two external hard drives were manually unplugged from my Windows 10 laptop last night, presumably by my roommate, either that or I'm losing my mind/sleepwalking. I'm really curious and I searched ...
- 11
0
votes
1
answer
312
views
Triggering a scheduled task using process ID (Windows 10)
How can I trigger a task in the Task Scheduler using a process ID that I get from the Task Manager? Sort of similiar to the event ID from the Event Viewer.
My first solution was to use the event ID ...
- 1
0
votes
0
answers
22
views
Is it possible to create different log files policies for different events?
I am using windows server 21H2 to audit the access to a folder, files and subfolders.
If in event viewer I right click in security and go to properties, I can configure the size of the event files and ...
- 249