All Questions
Tagged with event-viewer logging
11
questions with no upvoted or accepted answers
2
votes
0
answers
347
views
Windows AD event to detect new administrator user
I would like to know which event ID can be monitored in order to check if an existing user or a new one become administrator.
I search for 4720 and 4738 event IDs but the information displayed in the ...
1
vote
0
answers
48
views
HyperV VM was stopped - How to find why and when in Windows Server event logs
Recently I keep finding a HyperV VM (the MSSP's vulnerability scanner) that is in the "Stopped" state when it shouldn't be and want to find the cause. I'm a support officer slowly ...
1
vote
0
answers
195
views
Windows EVTX Delete Via RecordId
I am trying to figure out a way to delete only a single entry (identified via EventRecordID, found in the Details > XML View) from a Windows Log file (.evtx extension).
Tried so far via PowerShell, ...
1
vote
0
answers
67
views
Windows 7 Event Viewer - Save logs in real-time
I recently changed event viewer to save logs to an external drive then restarted my computer.
It's working fine, however, the logs aren't being written in real time.
When I open Event Viewer, it ...
1
vote
1
answer
314
views
Windows 7 - spontaneous wake from sleep
Irregularly, unattended PC wakes up. A typical 'system' event log sequence is below Basically, my question is whether anything can be inferred from this. More specifically,
Is the order of ...
1
vote
1
answer
4k
views
Internet access status, windows 7 event viewer
I have a pc working 24/7 and the internet connection disconnect and reconnect several times in the day, and I would like to know log history of the internet status logged by this pc, is it possible ...
0
votes
0
answers
178
views
What are the "setup" Events in Windows Event Viewer Logging?
I'm getting more familiar with the Windows Event Viewer for a recent IT job, and I'm unsure about what "setup" events are being logged in the Windows Event Viewer.
The MS documentation says ...
0
votes
2
answers
249
views
How do you capture programs/scripts that run and quickly disappear in Windows 10?
I have noticed that a CMD script seems to randomly run while doing things but cannot seem to capture what or where it's coming from. Is there a way to use some sort of logging app to see what comes ...
0
votes
1
answer
368
views
Modifying script to capture login/shutdown times in Windows
For some time now I've been using this script to view my login time for a particular computer:
Set objFSO = CreateObject("Scripting.FileSystemObject")
Set objFile = objFSO.GetFile("C:\Windows\...
0
votes
2
answers
1k
views
How Do I Suppress SQL Server "Informational" Messages?
I've just installed SQL Server 2008 R2 Express for local development, and it's flooding the Application Event Log with a seemingly endless barrage of trivia and drivel ("SQL Server is now ready for ...
0
votes
2
answers
108
views
Where Does One Find Logs of Pentesting Tools on Windows
I'm scanning my Windows 8 machine with Nmap and OpenVAS (from a different machine on my LAN and another one over WAN) and I'm looking for logs for the occurrence of such events in the Event Viewer but ...