Questions tagged [event-viewer]

Event Viewer - tool in Windows systems that allows users to inspect the event logs.

1
vote
1answer
23 views

How to get boot time from Diagnostics-Performance

I'm trying to read boot duration from event viewer via powershell. This is the command i use: Get-WinEvent -FilterHashtable @{logname="Microsoft-Windows-Diagnostics-Performance/Operational"; id=100} ...
0
votes
1answer
21 views

Reading the Forwarded Events from the Event Viewer

I want the parse throw the Forwarded Events in the Event Viewer to get an overview about the last 12 hours. This is not a problem when using the application or system log. But when I try the same with ...
0
votes
1answer
44 views

NLog change eventlog target to something else than Application

I Changed the target log from Application to "xxxx". I removed the Source using powersheel and the created it under "xxxx". when i write event's it doesn't appear anywhere. target = LogManager....
1
vote
1answer
45 views

How to create a event log at “Application and Services Logs” section using c++

I want to write logs in Event viewer under "Applications and Services logs"section using c++. But I cannot find any interface about it, Does anybody know? I have tried "RegisterEventSource", "...
0
votes
1answer
15 views

Windows 10 Mouse/Touchscreen event log

Unable to find Windows 10 Event Log for mouse/touch. Any log that indicates activity upon touching a computer that is always on has no logon screen, and the main application is always open. Similar ...
0
votes
1answer
49 views

How to clear Windows event logs without showing any error messages?

I'm creating a Windows event log-clearing software. Whenever you clear logs from the command-line, there are always a few logs that can't be cleared, because either newer versions of Windows don't ...
0
votes
0answers
17 views

How to view outbound GET requests through event viewer?

I'm looking for any way to see ALL the /GET requests that were done from within a Windows Server 2012 station. Event viewer? how can I accomplish this?
0
votes
0answers
52 views

Azure DevOps Server Error logs with Event ID - 0 and Source - Microsoft-Team Foundation Server

We have Azure DevOps is running on premises with Windows server 2012. When I checked Event viewer it has generated thousands of logs with EventID-0 which has no any description I am getting. By ...
0
votes
1answer
80 views

c#, Nlog and change target

i am running windows service, and i want when i run in debugto to write to console and when as service to event viewer. in powershell i set New-EventLog –LogName Application –Source "mySource" I ...
0
votes
1answer
116 views

How to write a custom event log by an already existing provider with PowerShell?

I am trying to find out the Name/Value mappings of the "State" data in the message of the 'Network Connected' event log: Path = Microsoft-Windows-NetworkProfile/Operational Source = NetworkProfile ...
0
votes
0answers
7 views

Microsoft Exchange mailbox mount event log

We have an admin mounting users mailboxes and want to write a use case in our SIEM to detect when this happens. Can any help me with a few eventIDs for Exchange that I can start looking at? Any ...
0
votes
2answers
60 views

PowerShell not printing to console

I have the below code which retrieves the last users to login after a certain number of days. I want to stop logins that I don't care about from appearing in the list, such as when it shows that "...
0
votes
1answer
57 views

get-winevent -filterxpath vs select-xml

I'm trying to understand xpath better by trying the same thing in both select-xml and Get-WinEvent. But some Get-WinEvent patterns don't seem to work in Select-Xml. I get: expression must ...
0
votes
0answers
29 views

Python error using ffprobe and portable python

I am running ffprobe to find the duration of a video file. I seem to be running into an error with it. I am trying to run a python script from a USB using the event viewer and portable python. 1) ...
0
votes
0answers
28 views

Windows Event Logs

Does event id "7036" with source name "Service Control Manager" generate even when service state change unexpectedly or it just generate when service stops in normal condition? I saw in event viewer ...
0
votes
0answers
24 views

Windows: Where are Event Viewer user Tasks stored?

On Windows 10, I want to run a custom application when a (specific) USB device is attached. I think that using a custom task triggered by Event Viewer will be easy, so the app will not need to go into ...
1
vote
2answers
387 views

Trigger powershell based on event log

I have a command line argument script written in PowerShell which accepts server name from the task scheduler. However my requirement is to execute the script when the SQL server is restarted, hence I ...
3
votes
2answers
67 views

How to remove and create log in Windows Event Viewer

I have an app. I'm trying to write log in Windows Event Viewer when its crashing. I found Write to Windows Application Event Log and I'm using DispatcherUnhandledExceptionEventHandler for catching ...
0
votes
0answers
158 views

.NET Runtime version 4.0.30319.1 - The profiler was loaded successfully. Profiler CLSID: '{}'. Process ID (decimal): 6488. Message ID: [0x2507]

I have a WCF service hosted on IIS 7.5. My request limit in recycling(Application pool advanced settings) is set to 2000. After 2000 service calls I see following windows logs event in event ...
0
votes
0answers
77 views

How to bulk Windows event Viewer Application events to SQL Database using Powershell script

I have an issue when I run PowerShell Script that suppose to extract Apllication event data from Windows event Viewer to SQL database. I get this error: SID problem The source code: param( [...
0
votes
1answer
41 views

Matching SID from AD and Event Viewer

I'm trying to make a script that searches AD for locked accounts, as well as parses the Security log in Event Viewer and then compare the SID's, and if they match, display information of the user that ...
0
votes
0answers
27 views

Eventviewer eventid for automatic user account unlock

Trying to figure out if there is an event written to the security log after user account was automatically unlocked. Already found out that manual unlock generating 4767 in security log, the question ...
0
votes
2answers
30 views

Why does new custom event log returned by EventLog.GetEventLogs contain Application log entries?

I have a very strange issue that doesn't seem to correspond to any of the documentation I'm reading about EventLog.GetEventLogs. I created a new custom log using Powershell (a very straightforward ...
0
votes
0answers
20 views

Can I get longer Event Viewer messages?

Something in our service keeps crashing the server, although not often it's still not good of course. Since the service crashes it can't log anything about the crash to our database, but the Event ...
1
vote
0answers
30 views

how to get types of Windows logon event programmatically c#

I want to get the details of windows successful logon event types currently i am able to get all the successful logon events log.Entries.Cast<EventLogEntry>() .Where(entry =&...
0
votes
1answer
131 views

Writing log to Windows Event Viewer

Is it possible for a windows service/web application (c#) to write log entries where its running under a windows domain account that is NOT a local admin? I have tried both of the following for a NON ...
0
votes
0answers
26 views

How to create message.dll for custom EventViewer? mc.exe

How i can create custom message.dll which will be storaged in regedit -> ~EventLog\Apllication\myCustomApplication? I used syntaxis from msdn documentation but is not work. I have message file in ...
2
votes
0answers
117 views

evntwin evntcmd and Event Viewer

I'm trying to use 'evntwin' to configure Windows to send an SNMP Trap when a particular Windows Event gets logged. So far so good and I can do this for most events i see in Event Viewer. Apart from ...
1
vote
1answer
521 views

Upgrading server/code to TLS 1.2, duplicate and reoccuring error in event log

We upgraded our code and server in June to be PCI Compliant but now we are getting this error below in our event log all over the place. Is there anyway to stop this without turning TLS 1.0 back on ...
1
vote
0answers
65 views

RavenDB-4: System.ArgumentOutOfRangeException: Position cannot be negative, but was -4554

I got this error when trying to search for some data and their RavenDB attachments, but I don't really understand what is going wrong. System.ArgumentOutOfRangeException: Position cannot be negative, ...
0
votes
1answer
120 views

How to find the size of log files using EvtQuery function?

I've been working on windows log collection for a while. Can somebody please help me how to find the size of windows logs (Security, Application, System, etc) and also how to get the number of events ...
1
vote
0answers
239 views

Windows EventLog XML Query using wildcard

I am using an agent (NxLog) that is getting the logs directly from the Windows EventLog. My goal here is to gather MSSQLServer logs; the agent is using windows built-in XML query to get them. <...
0
votes
0answers
87 views

get the default string using EvtFormatMessage

I am trying to get the base string in the DLL using EvtFormatMessage but no matter what I do its not working. The windows help page made it sound like you can use the values and valuecount parameters ...
0
votes
0answers
20 views

Create event log entry on COM+ recycle

IIS allows configuration to create an event log entry in the Event Viewer when the memory limit is exceeded and the process is recycled. Is there a similar configuration in COM+ (probably through ...
0
votes
1answer
90 views

Python - Script to end scheduled task and event viewer tasks

I have been searching for a while for the solution to end a scheduled task using python 3. I have successfully managed to end a scheduled task BUT I have to end an 'Event Viewer Task'. Im using the ...
0
votes
0answers
39 views

Create event source as part Visual Studio Setup Project installer

Is there a way to create an event source for Windows Event Viewer with a Visual Studio Setup Project so that it is created when the solution is installed on the client machine?
0
votes
2answers
821 views

Is NLog logging supported in UWP windows 10?

I need to write logs to Event Viewer of the System where UWP application is installed. Please help <?xml version="1.0" encoding="utf-8" ?> <nlog xmlns="http://www.nlog-project.org/schemas/...
0
votes
1answer
330 views

Trigger event with RDP login

I'm running Win 10 without running explorer.exe At startup windows runs my default app, but I need to run explorer.exe whenever a RDP connection is done to the machine. I'm been trying to find the ...
0
votes
1answer
782 views

MMC could not create the snap-in error after machine.config change

I had some difficulty identifying why my Windows 10 Enterprise machine suddenly could not run Event Viewer (the MMC plugin). It would launch, but produce the following message: MMC could not create ...
0
votes
1answer
224 views

Retrive event logs contains specific string in DATA tag

I have developed a MFC application which reads windows event logs from event log file (EVTX) file and parse it to render in application For reading log file, I am using XPATH query to retrieve ...
0
votes
1answer
61 views

C# EventViewer Logs Parsing

I am in charge of parsing forwarded EventViewer (evt) logs (Windows 7?). To do this I am run a query using Log Parser 2.2 over the logs and pulling out specific EventIDs and writing these to a CSV ...
1
vote
1answer
509 views

The description for Event ID 'x' in Source 'y' cannot be found. Reading 'System' event logs from eventvwr C#

I have this small piece of code to read "System" events from eventvwr EventLog eventLog = new EventLog("System"); foreach (EventLogEntry log in eventLog.Entries) { ...
1
vote
1answer
2k views

Selecting a sub-property in PowerShell

I have a long list of objects in PowerShell (more specifically, a list of Windows events from the Get-EventLog cmdlet) that I want to filter out to find who accessed my machine. I used the following: ...
3
votes
1answer
92 views

Exporting Event viewer Log File As A *.evtx File

I'm trying to export information from event viewer. I am attempting to do this with EventLogSession so I can have it in a .evtx format and not just a text file. public static void ...
0
votes
1answer
385 views

Windows Task Scheduler - Outlook send/receive Mail

Backgroundinfo: I am currently working on a project which runs on UiPath and includes Outlook. I need the Windows Task Scheduler to schedule a Task once an E-Mail is coming in. The Problem: I ...
0
votes
0answers
35 views

Find active remote machine connection of my PC

I want to find current active remote machine ip address which is connected by my PC. To explain it in better way let me tell you the scenario. Laptop1 is my PC. Laptop2 is my friend's PC. 192.166....
0
votes
1answer
745 views

ASP.NET Core 2.0 EventLog change Application name in Event Viewer

I have an ASP.NET Core 2.0 application using Microsoft.Extensions.Logging.EventLog to log to Windows Event Viewer with .ConfigureLogging((hostingContext, logging) => { logging.AddConfiguration(...
0
votes
1answer
172 views

Error after stopping service through Task Scheduler

I've a running service on Windows Server 2012 called FileWatcher. It checks files into folders and does other stuff. I have to stop and restart the service every day at 2.00 AM so i configured two ...
1
vote
1answer
22 views

Writing Events to Specific EventViewer

I have read multiple articles and SO questions on the Windows Event Viewer. However, I am still unable to accomplish my goal. I have a Windows Service that I'll call "Social". I want to write ...
1
vote
0answers
70 views

CLI has stopped working error after making ODBC PDO persistent

Setting up some tests in PHPUnit/Sublime, and am running into a problem with PDO persistent connection. When I add array(PDO::ATTR_PERSISTENT => true) to the connection, the tests run OK, and ...