Questions tagged [windows-event-log]
"Event log" usually refers to the system/server logs on Microsoft Windows machines.
627 questions
1 vote, 0 answers, 70 views
What is the overhead if IIS logs is enabled for Windows event viewer?
We have an .aspx ASP.NET Web Forms C# application on IIS 10 on Windows Server 2022.
Recently an issue occurred where the application pool assigned to the application stopped without a trace to ...
0 votes, 0 answers, 29 views
Unreadable Outlook Log Files
For a few weeks now we have had two users who need to log in to a "domain-login" window upon starting Outlook. We suspect our CRM or AD FS to be responsible but can't know for sure. Therefore I'...
0 votes, 0 answers, 46 views
Get time taken for each process during startup
I'm able to list processes that are loaded during boot time using Get-EventLog.
But I'm trying to get time taken to load for each process.
$bootTime = (Get-CimInstance win32_Operatingsystem)....
0 votes, 0 answers, 142 views
How to reduce Service Control Manager audit logging "Audit Success"
Maybe this is a niche complaint but it's bloody annoying to have Event Viewer show hundreds of Service Control Manager log entries telling me everything is fine, like:
The Device Setup Manager ...
-2 votes, 2 answers, 92 views
Continue restart on STOP 0xc00002e1 error on Windows Server 2003 domain controller
Windows Server 2003 server running RAID 1.
It has several problems: one of the hard drives failed and lsass.exe crashes with error 0xc00002e1.
I followed this:
https://learn.microsoft.com/en-US/...
1 vote, 0 answers, 283 views
Why am I only seeing logoff, but no login, events in Windows Event Logs?
I want to audit when every user logged into or logged off a server via RDP. When I run Get-EventLog or Get-WinEvent and filter for Login (Event ID 4624) and Logoff (Event ID 4634) events, I only am ...
0 votes, 1 answer, 123 views
What event IDs correspond to changes in Windows Add or Remove Programs dialog?
What event does Windows log when a component is registered with Windows "Add or Remove Programs" or more recently "App & features" dialog?
While events with ID 11707 represent ...
0 votes, 1 answer, 480 views
Windows security event ID 4769 Kerberos Error on single user Domain
I have a test lab with a single Windows Server 2019 and a single Windows 10 Pro PC that connects to it, with a single user, me. I test our own software on it and that's it.
As of the past few days I ...
0 votes, 1 answer, 101 views
Windows Event Collector (WEF) Event Viewer unresponsive
We are using Windows Event Collector (WEF) to forward defined security events to a special server. After some days of using this solution, navigating to "Subscription" within the Event ...
0 votes, 0 answers, 2k views
Machine account interactively signing in as UMFD. Is this normal?
Shown below is a Windows log event ID 4624. The log seems to convey that the machine account server2$ is trying to interactively log in as UMFD-3 interactively.
From my research, UMFD is a system ...
0 votes, 1 answer, 115 views
Backing Up Forwarded Events
I have created a simple test two-liner PS script to back up parts of my event logs and the only one I can't back up is the forwarded events. Is there a reason for this? The other logs back up fine with ...
0 votes, 0 answers, 89 views
How can I Avoid multiple same Events in Forwarded Events in Windows Event Forwarding
We use Windows Event Forwarding to centralize our Event Logs from around 100 servers.
I get multiple same Events forwarded with same Timestamp. I can't find anything to change that.
It looks like this:
...
0 votes, 1 answer, 453 views
Windows Event Collector Filtering
Afternoon and thanks for taking the time to read my question!
I am testing WEC and have got it where the source device sends the logs to my collector but with some strange behavior. Both the collector ...
0 votes, 1 answer, 596 views
Windows Event Log not showing log message content
Deploying new Windows Server 2022 VM. Our application - classic ISAPI with no managed code - writes events to the Application Event Log to track progress of certain processes, for debugging and ...
2 votes, 1 answer, 2k views
Two systems not showing in Windows Event Collector
I built a Windows Event Collector for the first time in our domain. The Collector server is Windows Server 2022. All the systems forwarding to it are Server 2019. The subscription is specifically for ...