Questions tagged [windows-event-log]

"Event log" usually refers to the system/server logs on Microsoft Windows machines.

Filter by
Sorted by
Tagged with
2
votes
1answer
32 views

How can I tell if a user group modification event is triggered due to group policy instead of manual action?

I'm to trigger an alert if users are manually added to an administrators group based on the content of a windows event. Here's an example of the event (with some stuff sanitized) { "...
1
vote
1answer
14 views

Event log and performance counters correlation

Anyone else often having a need to correlate multiple log sources such as event log or various log files with performance counters when troubleshooting Windows machines? For example, we had a case of ...
-1
votes
0answers
15 views

What EVENT ID is generated when scheduled task failed in Windows Server 2012

I'm looking for the number of event id in Windows Server 2012 R2 when a scheduled task failed ?? If you know all ab event id source TaskScheduler, plz tell me. Thanks so much.
0
votes
0answers
35 views

Event 1006: SMBServer, The share denied access to the client

I have faced to Event: " The share denied access to the client. Client Name: \172.17.72.2 Client Address: 172.17.72.2:39725 User Name: SMBMM\ars Session ID: 0x980038000045 Share Name: \*\in Share ...
1
vote
1answer
84 views

Event 1007: The share denied anonymous access to the client

the body of evevnt is: " **The share denied anonymous access to the client. Client Name: \10.139.70.35 Client Address: 10.139.70.35:49157 Share Name: \*\in Share Path: ??\C:\Users\jodat\Desktop\...
1
vote
1answer
25 views

Use powershell to retrieve Event Forwarding state and configuration

I need to know if the current Windows client has enable Windows Event Fowarding, and where is it forwarding to. Can I do this with powershell? I couldn't find anything relative on Google, does anyone ...
1
vote
0answers
18 views

how to view old events in failover cluster manager

In failover cluster manager > cluster events, i have only for about 12 hour of events. I wish to view older ones or maybe how to make the manager show more than that.
1
vote
1answer
25 views

Info about Event logs (Active directory)

Recently 3 of my Active directory admins are unable to login to AD server through RDP. After we cross checked everything, we found these 3 users are added in one security group called "Deny RDP ...
2
votes
1answer
17 views

When setting up Windows EventLog Forwarding (WEF), does the forwarding machine keep a local copy of the log?

I am curious if the server forwarding said logs keeps a local copy in addition to forwarding, or if all logs it generates are immediately forwarded to the collector? I cannot find detailed information ...
1
vote
1answer
23 views

Windows event code 4720

I observed a strange thing. Why password not required field is enabled, even though we are providing passwords while creating a new user in active directory. " User Account Control: Account ...
0
votes
1answer
53 views

What is the correct way to limit windows event log size?

I'm looking for a the best way to limit the windows event log size using PowerShell or a command line script. I want to run this script during installation of my application to increase the limit of a ...
-1
votes
1answer
54 views

Windows System, Application logs vs. “Applications and Services” logs in Event Viewer

Do Error and Warning events from the Microsoft "Applications and Services Logs" get sent to the Windows Application and/or System logs? For example, if AppHost generated an Error event, ...
0
votes
0answers
39 views

Is there a way to increase windows event logging level for Application, Security event logs

I have read that the windows event logs have different logging levels like Critical, Error, Warning, Information, Verbose. What is the default log level? And what is the way to increase it to verbose ...
0
votes
1answer
35 views

EVENTID 4648. Mismatch ,Subject (Standard User), CredentialsUsed (Admin), Target(Localhost)

In the Event ID 4648, The subject's Account Name is the "Standard user". But under the credentials used section, the account name is of the "Administrator" and the Target Server is ...
0
votes
0answers
154 views

Disable Microsoft Office Telemetry not working properly. Data Logging Locations very confusing

Due to the Data Privacy regulations in our Country we have been asked by management to disable Microsoft Office Pro Plus, 365, 2016 from sending Telemetry Data to Microsoft so i did the following as ...

15 30 50 per page
1
2 3 4 5
38